Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 350 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-6228 Sina Extension for Elementor <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via `Sina Posts`, `Sina Blog Post` and `Sina Table` Widgets shaonsinaSina Extension for Elementor Medium 6.4 2025-08-01 11:18:56 Deep Dive
CVE-2025-5684 MetForm <= 4.0.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via `mf-template` DOM Element roxnorMetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor Medium 6.4 2025-07-29 19:42:34 Deep Dive
CVE-2025-6831 User Registration <= 4.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via urcr_restrict Shortcode wpeverestUser Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder Medium 6.4 2025-07-22 01:44:28 Deep Dive
CVE-2025-7638 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.45.0 - Authenticated (Administrator+) SQL Injection via `order_by` Parameter wpmudevForminator Forms – Contact Form, Payment Form & Custom Form Builder Medium 4.9 2025-07-18 04:23:02 Deep Dive
CVE-2025-7360 HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Directory Traversal to Arbitrary File Move htpluginsHT Contact Form – Drag & Drop Form Builder for WordPress Critical 9.1 2025-07-15 04:23:42 Deep Dive
CVE-2025-7340 HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Upload htpluginsHT Contact Form – Drag & Drop Form Builder for WordPress Critical 9.8 2025-07-15 04:23:42 Deep Dive
CVE-2025-7341 HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. <= 2.2.1 - Unauthenticated Arbitrary File Deletion htpluginsHT Contact Form – Drag & Drop Form Builder for WordPress Critical 9.1 2025-07-15 04:23:41 Deep Dive
CVE-2025-6691 SureForms – Drag and Drop Form Builder for WordPress <= 1.7.3 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Submission Deletion brainstormforceSureForms – Drag and Drop Form Builder for WordPress High 8.1 2025-07-09 05:23:40 Deep Dive
CVE-2025-6742 SureForms – Drag and Drop Form Builder for WordPress <= 1.7.3 - Unauthenticated PHP Object Injection (PHAR) Triggered via Admin Submission Deletion brainstormforceSureForms – Drag and Drop Form Builder for WordPress High 7.5 2025-07-09 05:23:39 Deep Dive
CVE-2024-13451 Contact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information Exposure bitpressadminBit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder Medium 5.3 2025-07-02 05:29:18 Deep Dive
CVE-2025-6464 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated PHP Object Injection (PHAR) Triggered via Administrator Form Submission Deletion wpmudevForminator Forms – Contact Form, Payment Form & Custom Form Builder High 7.5 2025-07-02 05:29:17 Deep Dive
CVE-2025-6463 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Form Submission Deletion wpmudevForminator Forms – Contact Form, Payment Form & Custom Form Builder High 8.8 2025-07-02 04:24:56 Deep Dive
CVE-2025-5398 Ninja Forms <= 3.10.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via CSTI kstoverNinja Forms – The Contact Form Builder That Grows With You Medium 6.4 2025-06-27 09:23:19 Deep Dive
CVE-2025-48333 WordPress eForm - WordPress Form Builder < 4.19.1 - Cross Site Scripting (XSS) Vulnerability WPQuarkeForm - WordPress Form Builder High 7.1 2025-06-17 15:01:43 Deep Dive
CVE-2025-5341 Forminator <= 1.44.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via id and data-size Parameters wpmudevForminator Forms – Contact Form, Payment Form & Custom Form Builder Medium 6.4 2025-06-05 11:15:06 Deep Dive
CVE-2025-3201 Kali Forms < 2.4.3 - Contributor+ Stored XSS UnknownContact Form builder with drag & drop for WordPress--2025-05-16 06:00:04 Deep Dive
CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS UnknownContact Form, Survey, Quiz & Popup Form Builder--2025-05-15 20:06:44 Deep Dive
CVE-2024-10475 Lead Form Builder < 1.9.8 - Admin+ Stored XSS UnknownResponsive Contact Form Builder & Lead Generation Plugin--2025-05-15 20:06:43 Deep Dive
CVE-2025-3794 WPForms Lite <= 1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'start_timestamp' Parameter smubWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More Medium 5.4 2025-05-09 22:22:13 Deep Dive
CVE-2025-3815 SurveyJS <= 1.12.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter devsoftbalticSurveyJS: Drag & Drop Form Builder Medium 6.4 2025-05-03 07:22:57 Deep Dive