VYPR

Formcraft

by Ncrafts

CVEs (3)

  • CVE-2013-7187Dec 20, 2013
    risk 0.03cvss epss 0.02

    SQL injection vulnerability in form.php in the FormCraft plugin 1.3.7 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.

  • CVE-2023-22717May 15, 2023
    risk 0.00cvss epss 0.00

    Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in nCrafts FormCraft plugin <= 1.2.6 versions.

  • CVE-2019-5920Mar 12, 2019
    risk 0.00cvss epss 0.00

    Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page.