VYPR

Form Vibes

by Wpvibes

Source repositories

CVEs (3)

  • CVE-2024-5325HigJul 12, 2024
    risk 0.50cvss 8.8epss 0.00

    The Form Vibes plugin for WordPress is vulnerable to SQL Injection via the ‘fv_export_data’ parameter in all versions up to, and including, 1.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This…

  • CVE-2024-5309MedSep 5, 2024
    risk 0.28cvss 5.4epss 0.00

    The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the fv_export_csv, reset_settings, save_settings, save_columns_settings, get_analytics_data,…

  • CVE-2022-3764Jan 16, 2024
    risk 0.00cvss epss 0.01

    The plugin does not filter the "delete_entries" parameter from user requests, leading to an SQL Injection vulnerability.