| CVE-2025-52753 | WordPress Contact Form by Supsystic plugin <= 1.7.36 - Cross Site Scripting (XSS) vulnerability | supsystic | Contact Form by Supsystic | High | 7.1 | 2025-10-22 14:32:25 | Deep Dive |
| CVE-2025-9562 | Redirection for Contact Form 7 <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via qs_date Shortcode | themeisle | Redirection for Contact Form 7 | Medium | 6.4 | 2025-10-18 06:42:47 | Deep Dive |
| CVE-2025-10732 | SureForms – Drag and Drop Form Builder for WordPress <= 1.12.1 - Missing Authorization to Authenticated (Contributor+) Information Disclosure | brainstormforce | SureForms – Contact Form, Payment Form & Other Custom Form Builder | Medium | 4.3 | 2025-10-14 05:24:58 | Deep Dive |
| CVE-2025-10735 | Block For Mailchimp – Easy Mailchimp Form Integration <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery | bplugins | Block for Mailchimp – Add Email Subscription Forms and Collect Leads | Medium | 4.0 | 2025-10-01 03:25:23 | Deep Dive |
| CVE-2025-9944 | Professional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email Sending | kelderic | Professional Contact Form | Medium | 4.3 | 2025-09-27 06:47:16 | Deep Dive |
| CVE-2025-9898 | cForms – Light speed fast Form Builder <= 3.0.0 - Cross-Site Request Forgery | compojoom | cForms – Light speed fast Form Builder | Medium | 4.3 | 2025-09-27 06:47:15 | Deep Dive |
| CVE-2025-10498 | Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File Deletion | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 4.3 | 2025-09-27 02:25:14 | Deep Dive |
| CVE-2025-10499 | Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings Update | kstover | Ninja Forms – The Contact Form Builder That Grows With You | Medium | 4.3 | 2025-09-27 02:25:13 | Deep Dive |
| CVE-2025-60169 | WordPress W3SCloud Contact Form 7 to Zoho CRM plugin <= 3.2 - Cross Site Request Forgery (CSRF) vulnerability | W3S Cloud Technology | W3SCloud Contact Form 7 to Zoho CRM | High | 7.1 | 2025-09-26 08:32:05 | Deep Dive |
| CVE-2025-58665 | WordPress Form Generator for WordPress Plugin <= 1.52 - Cross Site Scripting (XSS) Vulnerability | tmontg1 | Form Generator for WordPress | Medium | 5.9 | 2025-09-22 18:22:58 | Deep Dive |
| CVE-2025-10489 | SureForms – Drag and Drop Form Builder for WordPress <= 1.12.0 - Missing Authorization to Authenticated (Contributor+) Form Creation | brainstormforce | SureForms – Contact Form, Payment Form & Other Custom Form Builder | Medium | 4.3 | 2025-09-20 04:27:55 | Deep Dive |
| CVE-2025-10627 | SourceCodester Online Exam Form Submission delete_user.php sql injection | SourceCodester | Online Exam Form Submission | Medium | 6.3 | 2025-09-17 23:32:09 | Deep Dive |
| CVE-2025-10626 | SourceCodester Online Exam Form Submission update_s3.php sql injection | SourceCodester | Online Exam Form Submission | Medium | 6.3 | 2025-09-17 23:32:07 | Deep Dive |
| CVE-2025-10625 | SourceCodester Online Exam Form Submission dashboard.php sql injection | SourceCodester | Online Exam Form Submission | Medium | 6.3 | 2025-09-17 23:02:08 | Deep Dive |
| CVE-2025-10602 | SourceCodester Online Exam Form Submission delete_s1.php sql injection | SourceCodester | Online Exam Form Submission | Medium | 6.3 | 2025-09-17 17:02:07 | Deep Dive |
| CVE-2025-10601 | SourceCodester Online Exam Form Submission index.php sql injection | SourceCodester | Online Exam Form Submission | High | 7.3 | 2025-09-17 16:32:11 | Deep Dive |
| CVE-2025-10600 | SourceCodester Online Exam Form Submission register.php unrestricted upload | SourceCodester | Online Exam Form Submission | High | 7.3 | 2025-09-17 16:32:08 | Deep Dive |
| CVE-2025-10596 | SourceCodester Online Exam Form Submission index.php sql injection | SourceCodester | Online Exam Form Submission | High | 7.3 | 2025-09-17 15:02:07 | Deep Dive |
| CVE-2025-10316 | Cross-Site Scripting in extension "Form to Database" (form_to_database) | TYPO3 | Extension "Form to Database" (form_to_database) | - | - | 2025-09-16 09:09:33 | Deep Dive |
| CVE-2025-8280 | Contact Form 7 reCAPTCHA <= 1.2.0 - Reflected XSS via $_SERVER['REQUEST_URI'] | Unknown | Contact Form 7 reCAPTCHA | 中危 | - | 2025-09-12 06:00:06 | Deep Dive |