Fluentforms

Contact Form

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2024-10646

  • EPSS 1.25%
  • Veröffentlicht 14.12.2024 06:15:18
  • Zuletzt bearbeitet 06.02.2025 14:06:12

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form's subject parameter in all versions up to, and including, 5.2.6 due to insufficie...

6.1

CVE-2024-9651

Exploit
  • EPSS 0.13%
  • Veröffentlicht 09.12.2024 06:15:04
  • Zuletzt bearbeitet 06.05.2025 21:24:08

The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallo...

4.8

CVE-2024-9528

  • EPSS 0.24%
  • Veröffentlicht 05.10.2024 03:15:02
  • Zuletzt bearbeitet 06.02.2025 18:35:28

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form label fields in all versions up to, and including, 5.1.19 due to insufficient input s...

4.3

CVE-2024-5053

  • EPSS 0.09%
  • Veröffentlicht 01.09.2024 11:15:14
  • Zuletzt bearbeitet 04.10.2024 16:02:22

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key update due to an insufficient capability check on the verifyRequest function in all version...

5.4

CVE-2024-6703

  • EPSS 0.18%
  • Veröffentlicht 27.07.2024 13:15:09
  • Zuletzt bearbeitet 10.02.2025 16:13:16

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ and 'btn_txt' parameters in all versions up to, and including, 5.1.19 du...

4.8

CVE-2024-6521

  • EPSS 0.29%
  • Veröffentlicht 27.07.2024 12:15:11
  • Zuletzt bearbeitet 21.11.2024 09:49:47

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output...

4.8

CVE-2024-6520

  • EPSS 0.29%
  • Veröffentlicht 27.07.2024 12:15:11
  • Zuletzt bearbeitet 21.11.2024 09:49:47

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output...

4.8

CVE-2024-6518

  • EPSS 0.29%
  • Veröffentlicht 27.07.2024 12:15:10
  • Zuletzt bearbeitet 21.11.2024 09:49:47

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output...

8.8

CVE-2024-4157

  • EPSS 0.48%
  • Veröffentlicht 22.05.2024 08:15:10
  • Zuletzt bearbeitet 06.02.2025 18:36:20

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.1.15 via deserialization of untrusted input in the extractDyn...

5.4

CVE-2024-4709

  • EPSS 0.25%
  • Veröffentlicht 18.05.2024 08:15:08
  • Zuletzt bearbeitet 06.02.2025 18:37:12

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input...