Cformsii_project Cformsii

9 CVEs affecting Cformsii_project Cformsii. Latest disclosed: 2024-01-08. Critical: 2, High: 1.

Top CVEs affecting Cformsii_project Cformsii
CVESeverityScorePublishedSummary
CVE-2017-18570Critical9.82019-08-22The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
CVE-2015-9333Critical9.82019-08-22The cforms2 plugin before 14.6.10 for WordPress has SQL injection.
CVE-2019-15238High8.82019-08-20The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.
CVE-2014-10393Medium6.12019-08-22The cforms2 plugin before 10.5 for WordPress has XSS.
CVE-2014-10392Medium6.12019-08-22The cforms2 plugin before 10.2 for WordPress has XSS.
CVE-2017-18559Medium6.12019-08-21The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.
CVE-2014-10377Medium6.12019-08-21The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php.
CVE-2023-52203Medium5.92024-01-08Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS…
CVE-2023-25449Medium4.32023-06-15Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.