cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12112,https://securityvulnerability.io/vulnerability/CVE-2024-12112,Stored Cross-Site Scripting in Easy Form Builder for WordPress,"The Easy Form Builder plugin for WordPress suffers from a stored cross-site scripting vulnerability due to inadequate input sanitization and output escaping. Attackers with Subscriber-level access or higher can exploit this flaw by injecting malicious scripts through the 'name' parameter of the 'add_form_Emsfb' AJAX action. This can lead to arbitrary web scripts executing on pages viewed by unsuspecting users, posing significant security risks. It is critical for users of the plugin to upgrade to the latest version or apply available patches to protect their sites from potential exploitation.",Wordpress,"Easy Form Builder – WordPress Plugin Form Builder: Contact Form, Survey Form, Payment Form, And Custom Form Builder",6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,false,false,false,2025-01-08T03:18:11.056Z,0
CVE-2024-10646,https://securityvulnerability.io/vulnerability/CVE-2024-10646,Stored Cross-Site Scripting Vulnerability in Contact Form Plugin,"The Contact Form Plugin by Fluent Forms for the Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is affected by a vulnerability that allows stored cross-site scripting. This issue arises from inadequate input sanitization and output escaping in the form's subject parameter. Unsanctioned attackers can exploit this vulnerability to inject arbitrary web scripts into pages, leading to the execution of these scripts whenever a user accesses an affected page. This poses a significant risk to the security and integrity of WordPress sites using this plugin.",Wordpress,"Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder",7.2,HIGH,0.0005200000014156103,false,,false,false,false,,false,false,2024-12-14T05:34:14.007Z,0
CVE-2024-11205,https://securityvulnerability.io/vulnerability/CVE-2024-11205,Unauthorized Data Modification in WPForms Plugin for WordPress,"The WPForms plugin for WordPress presents a security vulnerability that arises from a missing capability check within the 'wpforms_is_admin_page' function. This flaw affects versions from 1.8.4 to 1.9.2.1 and allows authenticated attackers with Subscriber-level access or higher to execute unauthorized actions such as refunding payments and canceling subscriptions. The lack of proper validation opens the door for misused access privileges, making it essential for users to evaluate their installations for the specified versions and apply security measures.",Wordpress,"WPforms – Easy Form Builder For WordPress – Contact Forms, Payment Forms, Surveys, & More",8.5,HIGH,0.000699999975040555,false,,true,false,true,,false,false,2024-12-10T04:23:41.091Z,0
CVE-2024-10260,https://securityvulnerability.io/vulnerability/CVE-2024-10260,Stored Cross-Site Scripting Vulnerability in Tripetto WordPress Plugin,"The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 8.0.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the file.",Wordpress,"WordPress Form Builder Plugin For Contact Forms, Surveys And Quizzes – Tripetto",6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-11-15T05:30:56.350Z,0
CVE-2024-10593,https://securityvulnerability.io/vulnerability/CVE-2024-10593,WPForms Contact Forms Plugin Vulnerable to Cross-Site Request Forgery,"The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.1.6. This is due to missing or incorrect nonce validation on the process_admin_ui function. This makes it possible for unauthenticated attackers to delete WPForm logs via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.",Wordpress,"WPforms – Easy Form Builder For WordPress – Contact Forms, Payment Forms, Surveys, & More",4.3,MEDIUM,0.0005200000014156103,false,,false,false,false,,false,false,2024-11-13T02:33:17.019Z,0
CVE-2017-20194,https://securityvulnerability.io/vulnerability/CVE-2017-20194,Unauthenticated Attackers Can Export All Form Entries via Plugin Flaw,"The Formidable Form Builder plugin for WordPress has a vulnerability that allows for sensitive data exposure through the frm_forms_preview AJAX action. This flaw enables unseen attackers to export all entries submitted via form interfaces, posing a significant risk of data leakage. Affected versions of this plugin, up to and including 2.05.03, require immediate attention to safeguard against unauthorized data access. Site administrators must perform updates and implement security measures to mitigate exposure risks.",Wordpress,"Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder",5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,false,false,2024-10-16T07:31:52.606Z,0
CVE-2017-20192,https://securityvulnerability.io/vulnerability/CVE-2017-20192,Plugin Vulnerable to Stored Cross-Site Scripting,"The Formidable Form Builder plugin for WordPress contains a vulnerability that permits Stored Cross-Site Scripting (XSS) attacks via multiple parameters during form submissions, including 'after_html'. This flaw arises due to inadequate input sanitization and output escaping practices in versions earlier than 2.05.03. As a result, unauthenticated attackers can exploit this weakness to inject malicious web scripts, which may execute in the browsers of affected users, leading to potential data breaches and other security risks.",Wordpress,"Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder",8.3,HIGH,0.0005200000014156103,false,,false,false,false,,false,false,2024-10-16T06:43:36.437Z,0
CVE-2022-4974,https://securityvulnerability.io/vulnerability/CVE-2022-4974,Freemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes,"The Freemius SDK, utilized by numerous WordPress plugin and theme developers, is susceptible to security flaws that permit Cross-Site Request Forgery and information disclosure. This is attributed to the absence of adequate capability checks and nonce protection measures on critical functions such as _get_debug_log, _get_db_option, and _set_db_option. Versions of the Freemius SDK prior to 2.4.3 exhibit these vulnerabilities, making any WordPress plugin or theme utilizing these versions susceptible to exploitation.",Wordpress,"Yasr – Yet Another Star Rating Plugin For WordPress,Events Addon For Elementor,Fraud Prevention For WooCommerce And Edd,Gutenberg Blocks – Acf Blocks Suite,Ultimeter,Past Events Extension,Pootle Pagebuilder – WordPress Page Builder,Local Delivery Drivers For WooCommerce,Ultimate Gutenberg – Custom Block Templates,WP Required Taxonomies – Categories And Tags Mandatory,Featured Products First For WooCommerce – A Extension Of WooCommerce (WooCommerce Addon Plugin),Ssl Certificate – Free Ssl, Https By Ssl Zen,Streak Crm For Gmail For Contact Form 7 – WordPress Plugin,WordPress Dev Powers – Acf Color Coded Field Types Plugin,Dancepress (trwa),Product Size Charts Plugin For WooCommerce,WP My Admin Bar,A No-code Page Builder For Beautiful Performance-based Content,Localseomap,Easy Prayer,Adfoxly – Ad Manager, Adsense Ads & Ads.txt,WP Get Personal,Checkout With Cash App On Edd,Server Info,Custom WooCommerce Checkout Fields Editor,Krsp Frontend File Uploader,Panorama Viewer- Best Plugin To Display Panoramic Images/videos,Bulk Attachment Download,Autosave Net,Premmerce Wholesale Pricing For WooCommerce,Any Popup – Popup Forms, Optins & Ads,Checkout With Venmo On Edd,Payment Gateway Per Product For WooCommerce,Hqtheme Extra,Vit Website Reviews,WooCommerce Eu Vat Assistant,WordPress Slider Block Gutenslider,Hucommerce | Magyar WooCommerce Kiegészítések,Kvoucher,Video Player For Youtube,Error Log Monitor,Slidedeck: Responsive WordPress Slider Plugin,Premmerce Multi-currency For WooCommerce,Booking Addon For WooCommerce,WP Event Partners – WordPress Plugin For Event And Conference Management,Wc Shop Sync – Square Payment Gateway For WooCommerce, Inventory Sync Between Square And WooCommerce, Ultimate WooCommerce Square Plugin,Add Expires Headers & Optimized Minify,Forcefield,Fit: Featured Image Toolkit,All In One Invite Codes,Dynamic Pricing And Discount Rules For WooCommerce,Better Messages – Live Chat For WordPress, Buddypress, Peepso, Ultimate Member, Buddyboss,Grid & Styler For Contact Form 7 And Divi,Protect Uploads With Login – Protect Your Uploads,Atlas – Knowledge Base,Simple Sitemap – Create A Responsive Html Sitemap,Super Video Player- Best WordPress Video Display Plugin For Mp4/ogg,WordPress Books Gallery,Fibosearch – Ajax Search For WooCommerce,Tag Groups Is The Advanced Way To Display Your Taxonomy Terms,WP Free Ssl – Free Ssl Certificate For WordPress And Force Https,Clickervolt – Affiliate Links & Click Tracking For Performance Marketers,Consultpress Lite,Divi Forms Styler – Gravity Forms, Fluent Forms & Contact Form 7,Streamweasels Twitch Integration,Mobile View For Responsive Web Design Optimization (ux Design) + Mobile Friendly Test,Zip Code Redirect,Guestofy – Restaurant Reservations Plugin, Room Planer, Reservation Form,Cf7 Constant Contact Fields Mapping,Booking Calendar | Appointment Booking | Bookit,Ethereumico,Rt Easy Builder – Advanced Addons For Elementor,WP Contact Slider,Country Based Payments For WooCommerce,Filr – Secure Document Library,Elasta,Mapgeo – Interactive Geo Maps,WordPress Animation Plugin – Animated Everything,WP Notification Bell,Activity Log For MainWP,Connected Sermons,Bulk Edit And Create User Profiles – WP Sheet Editor,Кнопка Юmoney,Bulk WooCommerce Category Creator,Easy Math Captcha For Cf7,Master Accordion ( Former WP Awesome Faq Plugin ),Better Elementor Addons,Elementor Addons By Livemesh,Place Order Without Payment For WooCommerce,Stewoo – Super Transactional Emails For WooCommerce,Demomentsomtres Address,Out Of Stock Display For WooCommerce,Ultimate Blocks – WordPress Blocks Plugin,Bulk Auto Image Title Attribute (image Title Tag) Optimizer (image Seo),WP Radio – Worldwide Online Radio Stations Directory For WordPress,Bookpress – For Book Authors,Qyrr – Simply And Modern Qr-code Creation,WordPress Directory Plugin For Business Listings –  WP Local Plus,Equalize Digital Accessibility Checker – Audit Your Website For Wcag, Ada, And Section 508 Accessibility Errors,Funnelmentals,Blockspare: Gutenberg Blocks & Patterns For Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed,Forms To Zapier, Integromat, Ifttt, Workato, Automate.io, Elastic.io, Built.io, Apiant, Webhook,Product Carousel For WooCommerce – Woorousell,WordPress Robots.txt Optimizer (+ Xml Sitemap) – Boost Seo, Traffic & Rankings,Gfirem Fields,Coupon Affiliates – Affiliate Plugin For WooCommerce,WP Post Block,Lms Plugin – Elearning, Online Courses By Attest,Frontend Admin By Dynamiapps,Simple Giveaways – Grow Your Business, Email Lists And Traffic With Contests,WPtools Masonry Gallery & Posts For Divi,Gfirem Action After,Woo Ukrposhta,Annasta WooCommerce Product Filters,WP Lead Stream,The Events Calendar,Focus On Reviews For WooCommerce,Email Tracker – Email Tracking Plugin To Track Emails For Open And Email Links Click (compatible With WooCommerce),Block Styler For Gravity Forms,WP Page Templates,Product Customer List For WooCommerce,WP Moose,Team Members – A WordPress Team Plugin With Gallery, Grid, Carousel, Slider, Table, List, And More,Floating Social Share Icons And Social Share Buttons – Next Previous Post Links – Fl,South Pole: Climate Action Now,Littlebot Invoices,Genealogical Tree – WordPress Family Tree,Automatic Youtube Gallery,Thank You Page For WooCommerce,Marijuana Age Verify,WooCommerce Upcoming Products,Frontend Admin – Add And Edit Posts, Pages, Users And More All From The Frontend,Sv Tracking Manager,WP Easypay – Square For WordPress,WordPress Seo Checklist,Wgauge – Free Version,Prime Slider – Addons For Elementor (revolution Of A Slider, Hero Slider, Ecommerce Slider),Post Form – Registration Form – Profile Form For User Profiles – Frontend Content Forms For User Submissions (ugc),WP Tools Divi Product Carousel,Guest Posting / Frontend Posting WordPress Plugin – WP Front User Submit / Front Editor,Social Gallery Lite,Stackable – Page Builder Gutenberg Blocks,Five-star Ratings Shortcode,Captcha 4WP – Antispam Captcha Solution For WordPress,Premmerce Wishlist For WooCommerce,Salon Booking System,Surbma | Gdpr Proof Cookie Consent & Notice Bar,Advance Menu Manager,Live Tv Player – Worldwide Live Tv Channels Player For WordPress,Market Exporter,WP Adminify – Custom WordPress Dashboard, Login And Admin Customizer,Tk Google Fonts Gdpr Compliant,Starfish Review Generation & Marketing For WordPress,WP Emaily,Education Addon For Elementor,Sv Proven Expert,Surveyfunnel – Survey Plugin For WordPress,Advanced Classifieds & Directory Pro,Music Player For Elementor – Audio Player & Podcast Player,Cryptocurrency Product For WooCommerce,WooCommerce Next Order Coupon,Overlay Image Divi Module,Email Header Footer,Document Viewer-  Plugin To Display Ms Office Docs,Price Bands For WooCommerce,Elementor Addon Elements,Smart Variations Images & Swatches For WooCommerce,Featured Images In Rss For Mailchimp & More,Simple Sponsorships,Unlimited Elements For Elementor (free Widgets, Addons, Templates),Joli Table Of Contents,Sparrow: Product Reviews And Ratings For WooCommerce,Multi Page Auto Advance For Gravity Forms,Generate Images – Magic Post Thumbnail,Live Scores For Sportspress,Hide Shipping Method For WooCommerce,Ultimate Carousel For Divi,WP Meta And Date Remover,Image Carousel For Divi,Comments Not Replied To,Contact Form 7 – Capsule Crm – Integration,Opensea,WordPress Translation Plugin For Post, Pages & WooCommerce Products. Tranzly Io Ai Deepl Automatic WordPress Translator.,Pixel Manager For WooCommerce – Track Google Analytics, Google Ads, Tiktok And More,Modern Addons For Elementor Page Builder,Viralike,WordPress Dev Powers – Element Selector Jquery Powers Plugin,WP Munich Blocks – Gutenberg Blocks For WordPress,Availability Datepicker – Integrate With Contact Form 7 And Divi,Footer Plugin For Divi,Accept Stripe Donation And Payments – AidWP,New User Approve,Gfirem Advance Search,WPmailer – The Best Mail Builder, No More Core For Your Emails Support Elementor, Cf7 Forms Etc…,Shared Files – Frontend File Upload Form & Secure File Sharing,WPbits Addons For Elementor Page Builder,Speculor,WP Google Street View (with 360° Virtual Tour) & Google Maps + Local Seo,WordPress Everse Starter Sites – Elementor Templates,Master Addons – Elementor Addons With White Label, Free Widgets, Hover Effects, Conditions, & Animations,Choice Payment Gateway For WooCommerce,Domain Mapping System | Create Microsites With Multiple Alias Domains (multisite Optional),Order And Inventory Manager For WooCommerce,Ninja Libs Amazon Ses,Delete All Comments Of WordPress,WP-cron Status Checker,Codekit – Custom Codes Editor,Foogallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel,Change Price Title For WooCommerce,WordPress Gallery Plugin – Edge Photo Gallery,Glorious Services & Support,Easy Newsletter Signups,Announcement & Notification Banner – Bulletin,Advanced Database Replacer,Multisite Robots.txt Manager,Simple Social Page Widget & Shortcode,WooCommerce Country Catalogs – Product Country Restrictions,Front End Pm,Ultimate Divi Modules Suite – Divi Sumo Lite,Xt Points & Rewards For WooCommerce,Widgets For WooCommerce Products On Elementor,Delivery For WooCommerce,WP Sms Plugin – WordPress Sms Two Factor Authentication – 2fa, Two Factor, Otp Sms And Email,Security Ninja – Secure Firewall & Secure Malware Scanner,Tinymce Annotate,Justified Gallery,Book Buyback Prices,Fuse Social Floating Sidebar,WP-hr Manager: The Human Resources Plugin For WordPress,Emails Blacklist For Everest Forms,All-in-one Video Gallery,Woo Admin Product Notes,Remove Add To Cart WooCommerce,Checkout With Zelle On WooCommerce,WP Tools Gravity Forms Divi Module,Everse,Run Time Image Resizing,Rest Routes – Custom Endpoints For WordPress Rest Api,Widget For Contact Form 7,Add Pinterest Conversion Tags For Pinterest Ads +  Site Verification,Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google Sheet As A Table.,WP Bugbot,Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, And Manage Your Google Drive Files Into Your WordPress Site,Nokke,WooCommerce Customers Table: View, Search, Bulk Editor,Sync Ecommerce Neo,Preloader For Divi,Get Better Reviews For WooCommerce,Knowledge Base Documentation & Wiki Plugin – Basepress Docs,Appointment & Event Booking Calendar Plugin – Webba Booking,Shuban,Acf For WooCommerce Product,Scheduled Notification Bar,3d Viewer – 3d Model Viewer Plugin,Fullscreen Menu,Gallery Photoblocks,Redirection For Contact Form 7,Demomentsomtres Grid Archive,Inbound Brew,WP Photo Effects,Top Bar – Popups – By WPoptin,Extra Fees Plugin For WooCommerce,Reset Course Progress For Learndash,Podcast Box – Best Podcasting Plugin For WordPress,The Best Plugin For Restrict Content, Support All Custom Post Types And Elementor – Password Protected,Turbo Widgets,Passster – Password Protect Pages And Content,Gift Message For WooCommerce,Azw WooCommerce File Uploads,Blog Grid & Post Grid – Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry, Category Post Grid By News & Blog Designer Pack,Broadcast Lite,Notification Bar, Announcement And Cookie Notice WordPress Plugin – Foobar,WP Author Bio,Rw Divi Unite Gallery,Tablesome – Form Db & Automation – WPforms, Contact Form 7, Elementor, Forminator, Fluent, Gravity,Product Image Watermark For Woo,Afi – The Easiest Integration Plugin,Revolution For Elementor,Coneblog – Elementor Blog Widgets,Under Construction,WP Gratify,Automizy Gravity Forms,Widgets On Pages,Get Feedback From Visitors – WP Feedback Suite Plugin,WordPress Buffer – Hypesocial. Social Media Auto Post, Social Media Auto Publish And Schedule,Content Aware Sidebars – Fastest Widget Area Plugin,Bani,Fast WordPress,Skt Templates – 100% Free Elementor & Gutenberg Templates,Categorify – WordPress Media Library Category & File Manager,Ivory Search – WordPress Search Plugin,Add Twitter Pixel For Twitter Ads,Xt Variation Swatches For WooCommerce,Url Shortify – Simple, Powerful And Easy Url Shortener Plugin For WordPress,Authorize.net Payment Gateway For WooCommerce,Buddypress WooCommerce My Account Integration. Create WooCommerce Member Pages,Affiliate Link Builder Plugin For Amazon Associates – Review Engine,Glossary,Bavoko Seo Tools – All-in-one WordPress Seo,Cartoon Url,WP Frontend Admin – Display WP Admin Pages In The Frontend,Block, Suspend, Report For Buddypress,Menu Image, Icons Made Easy,Xt Ajax Add To Cart For WooCommerce,One Click Login,Ether And Erc20 Tokens WooCommerce Payment Gateway,Chat Button- Leads And Order Over Chat,WooCommerce Shipping Gateway Per Product,Purosa,Best Responsive Comparison Table For Gutenberg Editor – Nichetable,Advanced Page Visit Counter –  Most Wanted Analytics Plugin For WordPress,WP Sierra,Digital Goods For WooCommerce Checkout,Seo Booster,Anti-spam By Fullworks : Gdpr Compliant Spam Protection,Ultimate Widgets Light,Insert Or Embed Articulate Content Into WordPress,Appexperts – Mobile App Builder For WordPress | WooCommerce To iOS And Android Apps,Ultimate Post Kit Addons For Elementor – (post Grid, Post Carousel, Post Slider, Category List, Post Tabs, Timeline, Post Ticker, Tag Cloud),Caxton – Create Pro Page Layouts In Gutenberg,Nitek Carousel Slider Cool Transitions,Extend Filter Products By Price Widget,Blockmeister – Block Pattern Builder,Yatri Tools,Restrict – Membership, Site, Content And User Access Restrictions For WordPress,Change Prices With Time For WooCommerce,Flat Rate Shipping Plugin For WooCommerce,Responsive Social Slider Widget,Menu Item Scheduler,Blog Sidebar Widget,Multipurpose Gutenberg Block,Full Page Blog Designer,WooCommerce Variation Swatches For Products,WP Activity Log,Simple Feature Requests Free – User Feedback Board,Bulk Edit Categories And Tags – Create Thousands Quickly On The Editor,License Manager For WooCommerce,Sky Login Redirect,Google Analytics Plugin For WordPress By Ga4WP,Divi Collage,WordPress Persistent Login,Deals Of The Day WooCommerce,Add Linkedin Insight Tags For Linkedin Ads,Easy Settings For Learndash,Share This Image,Easy Social Feed – Social Photos Gallery – Post Feed – Like Box,Nexus,Meridia,Webinar Solution: Create Live/evergreen/automated/instant Webinars, Stream & Zoom Meetings | Webinarignition,Delete Old Posts Automatically,Brand,WPbakery Page Builder Addons By Livemesh,WP Table Builder – WordPress Table Plugin,Radio Player – Live Shoutcast, Icecast And Any Audio Stream Player For WordPress,Divi Content Restrictor,Logo Showcase – Responsive Logo Carousel, Logo Slider & Logo Grid,Premmerce Variation Swatches For WooCommerce,Portfolio For Elementor & Image Gallery | Powerfolio,Ssl Atlas – Free Ssl Certificate & Https Redirect For WordPress,Gallery Blocks With Lightbox. Image Gallery, (html5 Video , Youtube, Vimeo) Video Gallery And Lightbox For Native Gallery,Easy Tiktok Feed,Popoverxyz – Show Light Weight Beautiful Tool Tips On Any Text,Bulk Auto Image Alt Text (alt Tag, Alt Attribute) Optimizer (image Seo),Number Chat,Rating-widget: Star Review System,Spotlight Social Feeds – Block, Shortcode, And Widget,Expire Tags,Go Viral – Social Share, Social Sharebar, Social Locker, Social Chat, Open Graph, Reactions, Share & View Counters,Design For Contact Form 7 Style WordPress Plugin – Cf7 Wow Styler,Dashy – Google Analytics Advanced Dashboard,Premmerce User Roles,Radio Station By Netmix® – Manage And Play Your Show Schedule In WordPress!,Mycred – Loyalty Points And Rewards Plugin For WordPress And WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce Rewards, And WooCommerce Credits For Gamification,WordPress Seo Audit Plugin – WP Site Auditor,WordPress Reviews By RevieWPress,WP Travel Engine – Tour Booking Plugin – Tour Operator Software,WP Mobile Menu – The Mobile-friendly Responsive Menu,WP Smart Export (free),Free Booking Plugin For Hotels, Restaurants And Car Rentals – Easync Booking,WP Conference Schedule,Strumenti Partita Iva Per WooCommerce,Anfrageformular – Multi Step Drag & Drop Formular Builder – Leadgenerierung,Premmerce Brands For WooCommerce,Ethereum Wallet,Limb Gallery | Create Beautiful Image & Video Galleries,Code Manager,Payment Gateway For Payfabric,Cp Simple Newsletter,Littlebot Ach For Stripe + Plaid,Aquarella Lite,Coinbase Commerce – Crypto Gateway For WooCommerce,Villar,Kikote – Location Picker At Checkout & Google Address Autofill Plugin For WooCommerce,Age Verification Screen For WooCommerce,Enhanced Ecommerce Google Analytics For WooCommerce,Joli Faq Seo – WordPress Faq Plugin,Mass Pages/posts Creator,WP Relevant Ads,Gloriousthemes Starter Sites,WP Group Promoter,Airpress,Schema Plugin For Divi, Gutenberg & Shortcodes,Giveaways For WooCommerce,Custom Login Page Customizer,Learnmore,Demomentsomtres Media Tools Auto,Ocean Extra,Kk Star Ratings – Rate Post & Collect User Feedbacks,Drop Shadow Boxes,Faq Manager For Divi, Gutenberg Block & Shortcode,Ads.txt & App-ads.txt Manager For WordPress,Quick Contact Form,WP Frontend Profile,Svg Flags – Beautiful Scalable Flags For All Countries!,Drip Feed Content Extended For Learndash,Posts List Designer By Category – List Category Posts Or Recent Posts,Conversion De Moneda WooCommerce,Vidseo | WordPress Video Seo Embedder With Transcripts (youtube & Vimeo),Before And After Product Images For WooCommerce,WooCommerce Customer Reviews With Artificial Intelligence Analyzis,  With IBM Watson Tone Analyzer,LaWPress – Law Firm Website Management,Shipping Method Display Style For WooCommerce,Royal Elementor Addons And Templates,Sql Reporting Services – Ssrs Plugin For WordPress,Bulk Edit Posts And Products In Spreadsheet,Delete Duplicate Posts,Ws Bootstrap,Clean Social Icons,Media Library File Download,WP Link Bio,Internal Linking For Seo Traffic & Ranking – Auto Internal Links (100% Automatic),Geo Mashup,Builder For WooCommerce Product Reviews Shortcodes – Reviewshort,Contact List – Premium Staff Listing, Business Directory Plugin & Address Book,Post Snippets – Custom WordPress Code Snippets Customizer,Socialmark – Easy Watermark/logo On Social Media Post Link Share Preview,Print My Blog – Print, PDF, & Ebook Converter WordPress Plugin,WP Delicious – Recipe Plugin For Food Bloggers (formerly Delicious Recipes),Treepress – Easy Family Trees & Ancestor Profiles,Postcode Redirect,Product Author For WooCommerce,WP Coupons And Deals – WordPress Coupon Plugin,Feedpress Generator – External Rss Frontend Customizer,Form Vibes – Database Manager For Forms,WP Automedic,Banner Management For WooCommerce,Duplicate Variations For WooCommerce,Send Prebuilt Emails,Faq / Accordion / Docs – Helpie WordPress Faq Accordion Plugin,Livemesh Siteorigin Widgets,Livemesh Addons For Beaver Builder,Tabs With Recommended Posts (widget),Spanish Market Enhancements For WooCommerce,Revivepress – Keep Your Old Content Evergreen,WP Fail2ban – Advanced Security Plugin,Ultra Elementor Addons,RecurWP – WordPress Recurly Payment Gateway,Smart Floating / Sticky Buttons – Call, Sharing, Chat Widgets & More – Buttonizer,Quick Event Manager,Image Photo Gallery Final Tiles Grid,Lightbox & Modal Popup WordPress Plugin – Foobox,WP Dev Powers – Display Screen Dimensions To Admin Plugin,Ultimate Bulk Seo Noindex Nofollow – Speed Up Penalty Recovery Ultimate Seo Booster,WP Data Access – WordPress App, Table And Form Builder Plugin,Storecustomizer – A Plugin To Customize All WooCommerce Pages,WordPress News Plugin – TopnewsWP,User Menus – Nav Menu Visibility,Contact Form 7 Multi-step Forms,Easy Age Verify,Blocked In China | Check If Your Site Is Available In The Chinese Mainland,WooCommerce Disable Payment Methods Based On Cart Conditions,Awesome Ssl,Iks Menu – WordPress Category Accordion Menu & Faqs,Purus,Hooked Editable Content,Run Contests, Raffles, And Giveaways With ContestsWP,Post Carousel Divi,Mailchimp Manager,Premmerce Permalink Manager For WooCommerce,Secure Ip Logins,Videopack,Premmerce WooCommerce Customers Manager,Anywhere Elementor,Divi Torque Lite – Divi Theme And Extra Theme,Events Calendar Registration,Rocket Maintenance Mode & Coming Soon Page,WordPress WooCommerce Sync For Google Sheet,Easy Smooth Scroll Links  – Smooth Scrolling Anchor,Page Builder Gutenberg Blocks – Kioken Blocks,Cryptocurrency Portfolio Tracker,Go Fetch Jobs (for WP Job Manager),Quick Affiliate Store,WP Tools Divi Blog Carousel,Post To Google My Business (google Business Profile),Nichebase,WPvisitorinfo – Show Visitor Information & Conditional Data Based On That Information,Premmerce,Cartpops – High Converting Add To Cart Popup For WooCommerce,Scrollsequence – Cinematic Scroll Image Animation Plugin,Elation,Cuisine Palace,Product Attachment For WooCommerce,Master Blocks – Gutenberg Site Builder,Product Options And Price Calculation Formulas For WooCommerce – Uni Cpo,WordPress Coupon Plugin For Bloggers And Marketers – WP Offers,WordPress Form Builder Plugin For Contact Forms, Surveys And Quizzes – Tripetto,Widgets On Pages And Posts,Better Messages – Wcfm Integration,Sheetpress – Manage WordPress Meta Data With Google Sheets,Advanced Custom Fields Options Import/export,Quick Paypal Payments,Tarot Card Oracle,Better Sharing,Restrict User Access – Ultimate Membership & Content Protection,Wupo Group Attributes For WooCommerce,Nugget By Ingot: Easy, Automated And Native A/b Testing For Everyone,Feedbackscout: The Easiest Way To Collect, Prioritise, Manage And Track Customer Feedback.,Arendelle,Easy Zillow Reviews,Battle Suit For Divi,Store Toolkit –  WooCommerce Extensions, Quick Enhancements & Handy Tools,Wcc Seo Keyword Research,Elements For Lifterlms,Custom Registration And Custom Login Forms With New Recaptcha,Quote For WooCommerce Lite – Add To Quote Plugin Lets Customers Request Custom Quotes For Products Using The Request A Quote Plugin For WooCommerce,Wadi Survey,Performance Kit,Page Builder For Gutenberg – Starterblocks,Impexium Single Sign On,Xt Quick View For WooCommerce,Live Drag And Drop Builder For Contact Form 7,Primary Addon For Elementor,Jds Portfolio,Twentyfourth WP Scraper,Blocksy Companion,WordPress Google Translate,Hasium,Station Pro,Event Tickets And Registration,Gateway For Paylate On WooCommerce,Auto Seo Meta Keywords (meta Tags Keywords) Optimization + WooCommerce,Climateclick: Climate Action For All,Premmerce Seo For WooCommerce,Wholesale For WooCommerce — This Wholesale Plugin Helps B2b And B2c Businesses Streamline Wholesale Products, Pricing, And User Roles, Automating Their WooCommerce Wholesale Stores,Frontend Group Restriction For Learndash,Really Simple Featured Video – Featured Video Support For Posts, Pages & WooCommerce Products,Display Eventbrite Events,Xt Floating Cart For WooCommerce,Cookie Consent For WP – Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for Gdpr, Ccpa & Eprivacy),WP Spid Italia,Tiered Pricing Table For WooCommerce,Migrate WordPress Website & Backups – Prime Mover,Replyable – Subscribe To Comments And Reply By Email,Court Reservation – Manage Your Court Bookings Online,Vo Store Locator – WP Store Locator Plugin,Get Directions Map,Premmerce Redirect Manager,Snazzyadmin WP Admin Theme,Amela,WooCommerce Customers Order History,EtHPress – Web3 Login,Ant Admin Notices For Team,WooCommerce Bulk Edit Coupons – WP Sheet Editor,Pay For Post With WooCommerce,Bbresolutions,WooCommerce Google Analytics Integration By Advanced Wc Analytics,Tk Smugmug Slideshow Shortcode,Lightbox – Everlightbox Gallery,Unakit,WP Affiliate Disclosure,Media Cloud For Bunny Cdn, Amazon S3, Cloudflare R2, Google Cloud Storage, Digitalocean And More,Racar Clear Cart For WooCommerce,WP Disable Sitemap,Internal Link Juicer: Seo Auto Linker For WordPress,Block Slider – Responsive Image Slider, Video Slider & Post Slider,Pinblocks — Gutenberg Blocks With Pinterest Widgets,Contact Widgets For Elementor All The Contact Links You Need In One Place,Tickera – WordPress Event Ticketing,Streamcast – Radio Player For WordPress,Sticky Add To Cart For Woo,Blockypage – Gutenberg Based Page Builder,Pro Broken Links Maintainer,WP School Calendar,Listplus – Unlimited Listing Directory,Walker Core,Agy – Age Verification For WooCommerce,Modern Designs For Gravity Forms,Rankbear,Stax Header Builder,Fast Checkout For WooCommerce,WooCommerce Payplug,Easy Code Snippets,W3scloud Contact Form 7 To Zoho Crm,Widget Detector For Elementor,Add Tiktok Pixel For Tiktok Ads (+WooCommerce),WP Encryption – One Click Free Ssl Certificate & Ssl / Https Redirect To Force Https, Security+,Better Messages – Integration For Wc Vendors Marketplace,Alley Business Toolkit,Premmerce Product Filter For WooCommerce,WP Search Filter,Easy Post Views Count,Power Ups For Elementor,Social Kit,Post Slider And Post Carousel With Post Vertical Scrolling Widget – A Responsive Post Slider,Hm Multiple Roles,Team Collaboration Plugin For WordPress Editorial Teams- Multicollab,Alt Manager,Premmerce Product Search For WooCommerce,WP Security Safe,WooCommerce Bulk Edit Products – WP Sheet Editor,Da Reactions,Food Store – Online Food Delivery & Pickup,Abeta Link Punchout,Jav&#039;s – WooCommerce And Trello Integration Wootrello,Page Builder Sandwich – Front End WordPress Page Builder Plugin,WP Sessions Time Monitoring Full Automatic,Woowgallery – Image Gallery / Content Gallery / Ecommerce Gallery / Social Gallery / Video Gallery / Album Photo Gallery,WordPress Auto Seo Plugin – Upfiv Seo Wizard,Greenshift – Animation And Page Builder Blocks,Restaurant & Cafe Addon For Elementor",6.3,MEDIUM,0.0007399999885819852,false,,false,false,false,,false,false,2024-10-16T06:43:30.014Z,0
CVE-2024-9528,https://securityvulnerability.io/vulnerability/CVE-2024-9528,Stored Cross-Site Scripting Vulnerability in Contact Form Plugin,"The Fluent Forms plugin for WordPress is susceptible to Stored Cross-Site Scripting vulnerabilities due to inadequate input sanitization and output escaping. This vulnerability affects all versions up to and including 5.1.19. Authenticated attackers, typically those with administrative access capable of editing forms, can exploit this weakness by injecting arbitrary web scripts into form label fields. These scripts execute in the context of user sessions when the compromised pages are accessed, posing a significant risk to user data and overall site security.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.9,MEDIUM,0.0006799999973736703,false,,false,false,false,,false,false,2024-10-05T02:34:50.316Z,0
CVE-2024-5053,https://securityvulnerability.io/vulnerability/CVE-2024-5053,Unauthorized API Key Update Vulnerability Discovered in Fluent Forms Contact Form Plugin for WordPress,"The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all versions up to, and including, 5.1.18. This makes it possible for Form Managers with a Subscriber-level access and above to modify the Mailchimp API key used for integration. At the same time, missing Mailchimp API key validation allows the redirect of the integration requests to the attacker-controlled server.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.3,MEDIUM,0.0006000000284984708,false,,false,false,false,,false,false,2024-09-01T10:58:05.084Z,0
CVE-2023-0714,https://securityvulnerability.io/vulnerability/CVE-2023-0714,Double Extension Attack Vulnerability in Metform Contact Form Builder,"The Metform Elementor Contact Form Builder for WordPress is susceptible to an arbitrary file upload vulnerability caused by inadequate file type validation. This issue is present in versions up to and including 3.2.4. Attackers can exploit this weakness by executing a 'double extension' attack, allowing them to upload files disguised with benign extensions while concealing malicious payloads. In certain configurations, this vulnerability may lead to remote code execution, which poses a significant risk to the security of affected WordPress installations. Proper validation and sanitation of file uploads is crucial to mitigate this risk.",Wordpress,"Metform – Contact Form, Survey, Quiz, & Custom Form Builder For Elementor",8.1,HIGH,0.0006300000241026282,false,,false,false,false,,false,false,2024-08-17T09:38:58.449Z,0
CVE-2024-6725,https://securityvulnerability.io/vulnerability/CVE-2024-6725,Stored Cross-Site Scripting Vulnerability Affects Formidable Forms Plugin,"The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in all versions up to, and including, 6.11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with form editing permissions and Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder",4.9,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-07-31T10:59:17.745Z,0
CVE-2024-6703,https://securityvulnerability.io/vulnerability/CVE-2024-6703,Stored Cross-Site Scripting Vulnerability in Contact Form Plugin,"The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ and 'btn_txt' parameters in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for attackers with the Form Manager permissions and Subscriber+ user role, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-07-27T12:30:05.686Z,0
CVE-2024-6518,https://securityvulnerability.io/vulnerability/CVE-2024-6518,Stored Cross-Site Scripting Vulnerability Affects Fluent Forms Contact Form Plugin,"The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-07-27T11:37:31.961Z,0
CVE-2024-6520,https://securityvulnerability.io/vulnerability/CVE-2024-6520,Arbitrary Script Injection Vulnerability in Contact Form Plugin,"The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-07-27T11:37:29.048Z,0
CVE-2024-6521,https://securityvulnerability.io/vulnerability/CVE-2024-6521,Fluent Forms Contact Form Plugin Vulnerable to Stored Cross-Site Scripting,"The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.8,MEDIUM,0.0005300000193528831,false,,false,false,false,,false,false,2024-07-27T11:13:38.635Z,0
CVE-2024-4266,https://securityvulnerability.io/vulnerability/CVE-2024-4266,Sensitive Information Exposure Vulnerability in MetForm Plugin,"The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.8.8 via the 'handle_file' function. This can allow unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users.",Wordpress,"Metform – Contact Form, Survey, Quiz, & Custom Form Builder For Elementor",5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-06-11T07:32:25.511Z,0
CVE-2024-4157,https://securityvulnerability.io/vulnerability/CVE-2024-4157,"Fluent Forms Quiz, Survey, and Drag & Drop WP Form Builder Plugin Vulnerable to PHP Object Injection","The Contact Form Plugin by Fluent Forms for WordPress is susceptible to a PHP Object Injection vulnerability due to deserialization of untrusted input in the extractDynamicValues function. This flaw impacts all versions up to 5.1.15 and enables authenticated attackers with contributor-level access or higher to inject PHP objects. If a vulnerable POP chain exists through an additional plugin or theme on the target site, the attacker could potentially delete arbitrary files, access sensitive data, or execute malicious code. Securing permissions for 'View Form' and 'Manage Form' by an administrator is a requirement; however, this restriction can be circumvented when combined with CVE-2024-2771.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-22T07:37:24.259Z,0
CVE-2024-4709,https://securityvulnerability.io/vulnerability/CVE-2024-4709,Stored Cross-Site Scripting Vulnerability in Fluent Forms Contact Form Plugin for WordPress,"The Contact Form Plugin by Fluent Forms is prone to a Stored Cross-Site Scripting vulnerability. This issue arises from a lack of sufficient input sanitization and output escaping in the 'subject' parameter. Authenticated attackers possessing contributor-level permissions or higher, with administrator-provided access, can exploit this vulnerability to inject arbitrary web scripts into pages. Consequently, these scripts execute whenever a user accesses the compromised page, posing significant risks to user data and overall site integrity.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",7.2,HIGH,0.00044999999227002263,false,,false,false,false,,false,false,2024-05-18T07:38:34.748Z,0
CVE-2024-2772,https://securityvulnerability.io/vulnerability/CVE-2024-2772,"Fluent Forms Quiz, Survey, and Drag & Drop WP Form Builder Plugin Vulnerable to Stored Cross-Site Scripting","The Contact Form Plugin developed by Fluent Forms for WordPress contains a vulnerability that allows for Stored Cross-Site Scripting (XSS). This flaw arises from inadequate input sanitization and output escaping in form settings present in all versions up to and including 5.1.13. Authenticated attackers who have access to the settings of Fluent Forms can exploit this vulnerability to inject arbitrary web scripts. These malicious scripts will execute whenever a user accesses a page that has been manipulated. Additionally, this vulnerability can be chained with another weakness, allowing even low-privileged users to inject harmful scripts into the site.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-18T07:38:33.407Z,0
CVE-2024-2782,https://securityvulnerability.io/vulnerability/CVE-2024-2782,Unauthorized Modification of Data Vulnerability in Fluent Forms Plugin,"The Contact Form Plugin by Fluent Forms for WordPress contains a significant vulnerability that permits unauthorized alteration of settings. This issue arises from a lack of capability checks on the /wp-json/fluentform/v1/global-settings REST API endpoint, impacting all versions up to and including 5.1.16. As a result, unauthenticated attackers can modify critical settings of the plugin, posing potential risks to website functionality and security. Website owners utilizing the Fluent Forms Plugin should prioritize immediate updates to mitigate this vulnerability.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-18T07:38:32.798Z,0
CVE-2024-2771,https://securityvulnerability.io/vulnerability/CVE-2024-2771,Fluent Forms Plugin Vulnerable to Privilege Escalation Attacks,"The Contact Form Plugin by Fluent Forms is susceptible to a privilege escalation vulnerability stemming from a lack of appropriate capability checks in the /wp-json/fluentform/v1/managers REST API endpoint. This issue allows unauthenticated attackers to assign management permissions to any user, granting them complete access to all settings and features of the plugin. Furthermore, this vulnerability enables attackers to delete manager accounts, posing significant risks to the integrity and security of the WordPress site utilizing this plugin. Immediate attention to update to the latest version is essential to mitigate potential exploits.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",9.8,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-18T07:38:20.993Z,0
CVE-2024-1945,https://securityvulnerability.io/vulnerability/CVE-2024-1945,Unauthorized Data Loss Vulnerability in ARForms Form Builder Plugin for WordPress,"The ARForms Form Builder plugin for WordPress is susceptible to unauthorized data loss resulting from inadequate capability checks within the 'arflite_remove_preview_data' function. This vulnerability impacts all versions up to and including 1.6.4. Authenticated attackers with subscriber-level access or higher can exploit this flaw to delete arbitrary site options, leading to potential availability issues and erosion of data integrity on affected WordPress sites.",Wordpress,"Contact Form, Survey & Popup Form Plugin For WordPress –  Arforms Form Builder",7.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-02T16:51:41.117Z,0
CVE-2024-1812,https://securityvulnerability.io/vulnerability/CVE-2024-1812,Plugin vulnerable to Server-Side Request Forgery,"The Everest Forms plugin for WordPress is susceptible to a Server-Side Request Forgery vulnerability in all versions up to and including 2.0.7. This vulnerability arises through the 'font_url' parameter, enabling unauthorized attackers to initiate web requests to arbitrary locations originating from the affected web application. Consequently, this can lead to the querying and potential modification of sensitive information from internal services, posing significant risks to the security of the system and its data integrity.",Wordpress,"Everest Forms – Build Contact Forms, Surveys, Polls, Quizzes, Newsletter & Application Forms, And Many More With Ease!",7.2,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-04-09T18:59:24.410Z,0
CVE-2023-6957,https://securityvulnerability.io/vulnerability/CVE-2023-6957,Fluent Forms Plugin Vulnerable to Stored Cross-Site Scripting,"The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.9 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The exploitation level depends on who is granted the right to create forms by an administrator. This level can be as low as contributor, but by default is admin.",Wordpress,"Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop WP Form Builder",4.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-13T15:27:24.732Z,0