Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free, with AI-generated Chinese analysis, references, and POCs.

Vendor: funnelforms

CVE ID	Title	CVSS	Severity	Published
CVE-2024-10587	Funnelforms Free <= 3.7.5.1 - Authenticated (Contributor+) PHP Object Injection CWE-502	8.8	High	2024-12-04
CVE-2024-5857	Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Deletion CWE-862	5.3	Medium	2024-08-29
CVE-2024-7447	Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Upload CWE-862	5.3	Medium	2024-08-28
CVE-2024-6311	Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Upload CWE-434	7.2	High	2024-08-28
CVE-2024-6312	Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Deletion CWE-22	6.5	Medium	2024-08-28
CVE-2023-5385	Funnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post Duplication CWE-862	4.3	Medium	2023-11-22
CVE-2023-5383	Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Duplication CWE-352	4.3	Medium	2023-11-22
CVE-2023-5387	Funnelforms Free <= 3.4 - Missing Authorization to Enable/Disable Dark Mode CWE-862	4.3	Medium	2023-11-22
CVE-2023-5416	Funnelforms Free <= 3.4 - Missing Authorization to Category Deletion CWE-862	4.3	Medium	2023-11-22
CVE-2023-5411	Funnelforms Free <= 3.4 - Missing Authorization to Post Modification CWE-862	4.3	Medium	2023-11-22
CVE-2023-5382	Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Deletion CWE-352	6.5	Medium	2023-11-22
CVE-2023-5415	Funnelforms Free <= 3.4 - Missing Authorization to New Category Creation CWE-862	4.3	Medium	2023-11-22
CVE-2023-5419	Funnelforms Free <= 3.4 - Missing Authorization to Test Email Sending CWE-862	4.3	Medium	2023-11-22
CVE-2023-5386	Funnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post Deletion CWE-862	6.5	Medium	2023-11-22
CVE-2023-5417	Funnelforms Free <= 3.4 - Missing Authorization to Category Update CWE-862	4.3	Medium	2023-11-22

All 15 known CVE vulnerabilities affecting Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free — Vulnerabilities & Security Advisories 15