Boldgrid Weforms – Easy Drag & Drop Contact Form Builder For Wordpress
2 CVEs affecting Boldgrid Weforms – Easy Drag & Drop Contact Form Builder For Wordpress. Latest disclosed: 2026-03-11. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-0386 | High | 7.2 | 2024-03-12 | The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Referer' HTTP header in all versions up to, and including, 1.6.21 due to… |
CVE-2026-2707 | Medium | 6.4 | 2026-03-11 | The weForms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API entry submission endpoint in all versions up to, and including… |