Browse all 17 CVE security advisories affecting funnelforms. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-62758 | WordPress Funnelforms Free plugin <= 3.8 - Cross Site Scripting (XSS) vulnerability — Funnelforms FreeCWE-79 | 6.5 | Medium | 2025-12-31 |
| CVE-2025-68582 | WordPress Funnelforms Free plugin <= 3.8 - Broken Access Control vulnerability — Funnelforms FreeCWE-862 | 5.3 | Medium | 2025-12-24 |
| CVE-2024-10587 | Funnelforms Free <= 3.7.5.1 - Authenticated (Contributor+) PHP Object Injection — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-502 | 8.8 | High | 2024-12-04 |
| CVE-2024-5857 | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Deletion — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 5.3 | Medium | 2024-08-29 |
| CVE-2024-7447 | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Upload — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 5.3 | Medium | 2024-08-28 |
| CVE-2024-6311 | Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Upload — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-434 | 7.2 | High | 2024-08-28 |
| CVE-2024-6312 | Funnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File Deletion — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-22 | 6.5 | Medium | 2024-08-28 |
| CVE-2023-5385 | Funnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post Duplication — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5383 | Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Duplication — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-352 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5387 | Funnelforms Free <= 3.4 - Missing Authorization to Enable/Disable Dark Mode — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5416 | Funnelforms Free <= 3.4 - Missing Authorization to Category Deletion — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5411 | Funnelforms Free <= 3.4 - Missing Authorization to Post Modification — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5382 | Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Deletion — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-352 | 6.5 | Medium | 2023-11-22 |
| CVE-2023-5415 | Funnelforms Free <= 3.4 - Missing Authorization to New Category Creation — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5419 | Funnelforms Free <= 3.4 - Missing Authorization to Test Email Sending — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
| CVE-2023-5386 | Funnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post Deletion — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 6.5 | Medium | 2023-11-22 |
| CVE-2023-5417 | Funnelforms Free <= 3.4 - Missing Authorization to Category Update — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms FreeCWE-862 | 4.3 | Medium | 2023-11-22 |
This page lists every published CVE security advisory associated with funnelforms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.