VYPR

Eform Wordpress Form Builder

by WordPress

CVEs (2)

  • CVE-2025-1294HigApr 24, 2025
    WordPress
    Eform Wordpress Form Builder
    risk 0.47cvss 7.2epss 0.01

    The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.18.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary…

  • CVE-2025-48333HigJun 17, 2025
    WordPress
    Eform Wordpress Form Builder
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPQuark eForm - WordPress Form Builder wp-fsqm-pro allows Reflected XSS.This issue affects eForm - WordPress Form Builder: from n/a through < 4.19.1.