VYPR

Contact Form

by Fluentforms

Source repositories

CVEs (11)

  • CVE-2024-2771CriMay 18, 2024
    risk 0.58cvss 9.8epss 0.02

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including,…

  • CVE-2024-4157HigMay 22, 2024
    risk 0.42cvss 7.5epss 0.01

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.1.15 via deserialization of untrusted input in the extractDynamicValues function. This…

  • CVE-2024-2782HigMay 18, 2024
    risk 0.42cvss 7.5epss 0.01

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up…

  • CVE-2023-24410MedOct 31, 2023
    risk 0.36cvss 5.5epss 0.01

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects…

  • CVE-2024-4709MedMay 18, 2024
    risk 0.35cvss 6.4epss 0.00

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input sanitization and output…

  • CVE-2024-2772MedMay 18, 2024
    risk 0.35cvss 6.4epss 0.00

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in all versions up to, and including, 5.1.13 due to insufficient input sanitization and output escaping.…

  • CVE-2023-6957MedMar 13, 2024
    risk 0.32cvss 4.9epss 0.00

    The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.9 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject…

  • CVE-2024-6521MedJul 27, 2024
    risk 0.22cvss 4.4epss 0.00

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dropdown fields in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output…

  • CVE-2024-6520MedJul 27, 2024
    risk 0.22cvss 4.4epss 0.00

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom error message in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output…

  • CVE-2024-6518MedJul 27, 2024
    risk 0.22cvss 4.4epss 0.00

    The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via input fields in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping.…

  • CVE-2024-0618MedJan 27, 2024
    risk 0.22cvss 4.4epss 0.01

    The Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported form titles in all versions up to, and including, 5.1.5 due to insufficient input sanitization and output…