All 3 CVE vulnerabilities found in WP-FormAssembly, with AI-generated Chinese analysis, references, and POCs.
Vendor: FormAssembly / Drew Buschhorn
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-13501 | WP-FormAssembly <= 2.0.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 | 6.4 | Medium | 2025-02-18 |
| CVE-2022-45852 | WordPress WP-FormAssembly plugin <= 2.0.5 - Auth. Arbitrary File Read vulnerability CWE-22 | 6.5 | Medium | 2024-04-24 |
| CVE-2023-49768 | WordPress WP-FormAssembly plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability CWE-79 | 6.5 | Medium | 2024-04-18 |
All 3 known CVE vulnerabilities affecting WP-FormAssembly with full Chinese analysis, references, and POCs where available.