Wpmudev

Forminator Forms

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-0470

  • EPSS 0.68%
  • Veröffentlicht 31.01.2025 04:15:09
  • Zuletzt bearbeitet 23.05.2025 16:14:15

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the title parameter in all versions up to, and including, 1.38.2 due to insufficient input sanitization a...

5.3

CVE-2024-9700

  • EPSS 0.18%
  • Veröffentlicht 31.10.2024 06:15:05
  • Zuletzt bearbeitet 25.11.2024 19:57:41

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.36.0 via the submit_quizzes() function due to missing validation on...

8.8

CVE-2024-10402

  • EPSS 0.28%
  • Veröffentlicht 26.10.2024 12:15:12
  • Zuletzt bearbeitet 05.02.2025 15:02:16

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.35.1. This makes it possible for...

4.3

CVE-2024-9351

  • EPSS 0.13%
  • Veröffentlicht 17.10.2024 06:15:03
  • Zuletzt bearbeitet 29.01.2025 16:51:37

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'c...

4.3

CVE-2024-9352

  • EPSS 0.13%
  • Veröffentlicht 17.10.2024 06:15:03
  • Zuletzt bearbeitet 29.01.2025 16:55:44

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the custom ...