VYPR

Forms

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-49485HigJul 18, 2025
    risk 0.56cvss epss 0.00

    A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter.

  • CVE-2021-24505MedAug 9, 2021
    risk 0.35cvss 5.4epss 0.01

    The Forms WordPress plugin before 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the Forms "Add new" field.