| CVE-2024-4319 | Advanced Contact form 7 DB <= 2.0.2 - Missing Authorization to Unauthenticated Information Disclosure | vsourz1td | Advanced Contact form 7 DB | Medium | 5.3 | 2024-06-11 05:33:40 | Deep Dive |
| CVE-2024-35747 | WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability | wpdevart | Contact Form Builder, Contact Widget | Medium | 5.3 | 2024-06-10 16:37:17 | Deep Dive |
| CVE-2024-35735 | WordPress WP Time Slots Booking Form plugin <= 1.2.11 - Broken Access Control vulnerability | CodePeople | WP Time Slots Booking Form | Medium | 5.3 | 2024-06-10 07:43:16 | Deep Dive |
| CVE-2024-33543 | WordPress WP Time Slots Booking Form plugin <= 1.2.06 - Broken Access Control vulnerability | CodePeople | WP Time Slots Booking Form | High | 7.5 | 2024-06-09 12:11:16 | Deep Dive |
| CVE-2024-35678 | WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability | BestWebSoft | Contact Form to DB by BestWebSoft | High | 8.5 | 2024-06-08 15:57:33 | Deep Dive |
| CVE-2024-35734 | WordPress WP Time Slots Booking Form plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability | CodePeople | WP Time Slots Booking Form | High | 7.1 | 2024-06-08 12:49:14 | Deep Dive |
| CVE-2023-5424 | WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection | westguard | WS Form LITE – Drag & Drop Contact Form Builder | Medium | 4.7 | 2024-06-07 09:33:36 | Deep Dive |
| CVE-2024-4621 | ArForms < 6.6 - Admin+ Stored XSS | Unknown | ARForms - Premium WordPress Form Builder Plugin | 中危 | - | 2024-06-07 06:00:03 | Deep Dive |
| CVE-2024-4620 | ArForms < 6.6 - Unauthenticated RCE | Unknown | ARForms - Premium WordPress Form Builder Plugin | 中危 | - | 2024-06-07 06:00:02 | Deep Dive |
| CVE-2024-5665 | Login/Signup Popup ( Inline Form + Woocommerce ) 2.7.1 - 2.7.2 - Missing Authorization to Arbitrary Options Exposure | xootix | Login/Signup Popup ( Inline Form + Woocommerce ) | Medium | 4.3 | 2024-06-06 07:37:12 | Deep Dive |
| CVE-2024-5324 | XootiX Framework <= Various Plugin Versions - Missing Authorization to Arbitrary Options Update | xootix | Waitlist Woocommerce ( Back in stock notifier ) | High | 8.8 | 2024-06-06 02:02:48 | Deep Dive |
| CVE-2024-5149 | BuddyForms <= 2.8.9 - Email Verification Bypass due to Insufficient Randomness | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | Medium | 6.5 | 2024-06-05 04:32:25 | Deep Dive |
| CVE-2023-48318 | WordPress Contact Form Email plugin <= 1.3.41 - Captcha Bypass vulnerability | CodePeople | Contact Form Email | Medium | 5.3 | 2024-06-04 10:26:33 | Deep Dive |
| CVE-2023-48290 | WordPress Form Maker by 10Web plugin <= 1.15.20 - Captcha Bypass Vulnerability vulnerability | 10Web Form Builder Team | Form Maker by 10Web | Medium | 5.3 | 2024-06-04 10:25:21 | Deep Dive |
| CVE-2023-45009 | WordPress Captcha for Contact Form 7 plugin <= 1.11.3 - Capcha Bypass vulnerability | Forge12 Interactive GmbH | Captcha/Honeypot for Contact Form 7 | Medium | 5.3 | 2024-06-04 09:06:10 | Deep Dive |
| CVE-2023-28494 | WordPress Contact Form Email plugin <= 1.3.31 - Missing Authorization Leading To Feedback Submission Vulnerability | CodePeople | Contact Form Email | Medium | 4.3 | 2024-06-04 07:06:02 | Deep Dive |
| CVE-2024-4870 | Frontend Registration – Contact Form 7 <= 5.1 - Authenticated (Editor+) Privilege Escalation | pokornydavid | Frontend Registration – Contact Form 7 | High | 7.2 | 2024-06-04 02:00:55 | Deep Dive |
| CVE-2023-27460 | WordPress CP Contact Form with PayPal plugin <= 1.3.34 - Missing Authorization Leading To Feedback Submission vulnerability | CodePeople, paypaldev | CP Contact Form with Paypal | Medium | 4.3 | 2024-06-03 22:01:44 | Deep Dive |
| CVE-2023-26523 | WordPress Calculated Fields Form plugin <= 1.1.120 - Missing Authorization Leading To Feedback Submission Vulnerability | CodePeople | Calculated Fields Form | Medium | 4.3 | 2024-06-03 21:42:10 | Deep Dive |
| CVE-2024-35632 | WordPress Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability | CRM Perks. | Integration for Contact Form 7 and Constant Contact | Medium | 4.3 | 2024-06-03 11:49:26 | Deep Dive |