VYPR

Drag & Drop WordPress Form Builder

by WordPress

CVEs (3)

  • CVE-2025-13205MedJan 24, 2026
    risk 0.28cvss 4.3epss 0.00

    The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.2. This is due to missing or incorrect nonce validation on the…

  • CVE-2025-13139MedJan 24, 2026
    risk 0.21cvss 4.3epss 0.00

    The SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.5.2. This is due to missing nonce validation on the SurveyJS_AddSurvey AJAX action. This makes it possible for…

  • CVE-2025-13140MedDec 2, 2025
    risk 0.21cvss 4.3epss 0.00

    The SurveyJS: Drag & Drop WordPress Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12.20. This is due to missing nonce validation on the SurveyJS_DeleteSurvey AJAX action. This makes it possible for…