Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Kali Forms — Contact Form & Drag-and-Drop Builder — Vulnerabilities & Security Advisories 7

All 7 CVE vulnerabilities found in Kali Forms — Contact Form & Drag-and-Drop Builder, with AI-generated Chinese analysis, references, and POCs.

Vendor: wpchill

CVE IDTitleCVSSSeverityPublished
CVE-2026-3584 Kali Forms <= 2.4.9 - Unauthenticated Remote Code Execution via form_process CWE-94 9.8 Critical2026-03-20
CVE-2026-1860 Kali Forms <= 2.4.8 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Form Data Exposure CWE-862 4.3 Medium2026-02-18
CVE-2024-1218 Contact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization CWE-862 4.3 Medium2024-02-20
CVE-2024-1217 Contact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization to Arbitrary Plugin Deactivation CWE-862 7.6 High2024-02-20
CVE-2020-36717 Kali Forms <= 2.1.1 - Cross-Site Request Forgery CWE-352 8.8 High2023-06-07
CVE-2020-36720 Kali Forms <= 2.1.1 - Missing Authorization to Settings Update CWE-862 7.1 High2023-06-07
CVE-2020-36712 Kali Forms <= 2.1.1 - Unauthenticated Arbitrary Post Deletion CWE-862 8.6 High2023-06-07

All 7 known CVE vulnerabilities affecting Kali Forms — Contact Form & Drag-and-Drop Builder with full Chinese analysis, references, and POCs where available.