Fluentforms Contact_form
19 CVEs affecting Fluentforms Contact_form. Latest disclosed: 2024-12-14. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2771 | Critical | 9.8 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a m… |
CVE-2022-3463 | Critical | 9.8 | 2022-11-07 | The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection |
CVE-2021-34620 | High | 8.8 | 2021-07-07 | The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Esca… |
CVE-2024-4157 | High | 7.5 | 2024-05-22 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all ver… |
CVE-2024-2782 | High | 7.5 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of da… |
CVE-2024-10646 | High | 7.2 | 2024-12-14 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-4709 | Medium | 6.4 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-2772 | Medium | 6.4 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-9651 | Medium | 6.1 | 2024-12-09 | The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perf… |
CVE-2023-24410 | Medium | 5.5 | 2023-10-31 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fa… |
CVE-2023-0546 | Medium | 5.4 | 2023-04-10 | The Contact Form Plugin WordPress plugin before 4.3.25 does not properly sanitize and escape the srcdoc attribute in iframes in it's custom HTML field type, al… |
CVE-2024-9528 | Medium | 4.9 | 2024-10-05 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-6703 | Medium | 4.9 | 2024-07-27 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2023-6957 | Medium | 4.9 | 2024-03-13 | The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5… |
CVE-2024-6521 | Medium | 4.4 | 2024-07-27 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-6520 | Medium | 4.4 | 2024-07-27 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-6518 | Medium | 4.4 | 2024-07-27 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-0618 | Medium | 4.4 | 2024-01-27 | The Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting v… |
CVE-2024-5053 | Medium | 4.2 | 2024-09-01 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized Malichimp API key… |