All 4 CVE vulnerabilities found in WS Form LITE – Drag & Drop Contact Form Builder, with AI-generated Chinese analysis, references, and POCs.
Vendor: westguard
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-3912 | WS Form LITE – Drag & Drop Contact Form Builder for WordPress <= 1.10.35 - Missing Authorization to Unauthenticated Sensitive Information Exposure CWE-862 | 5.3 | Medium | 2025-04-25 |
| CVE-2024-13509 | WS Form LITE and PRO <= 1.10.13 - Unauthenticated Stored Cross-Site Scripting CWE-79 | 7.2 | High | 2025-01-28 |
| CVE-2024-10647 | WS Form LITE – Drag & Drop Contact Form Builder for WordPress <= 1.9.244 - Reflected Cross-Site Scripting via URL CWE-79 | 6.1 | Medium | 2024-11-06 |
| CVE-2023-5424 | WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection CWE-1236 | 4.7 | Medium | 2024-06-07 |
All 4 known CVE vulnerabilities affecting WS Form LITE – Drag & Drop Contact Form Builder with full Chinese analysis, references, and POCs where available.