Reputeinfosystems Arforms
12 CVEs affecting Reputeinfosystems Arforms. Latest disclosed: 2025-05-15. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-4620 | Critical | 9.8 | 2024-06-07 | The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP co… |
CVE-2024-32706 | High | 8.5 | 2024-04-24 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARFo… |
CVE-2024-54216 | High | 7.7 | 2024-12-06 | Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms arforms allows Path Traversal.This issue affects ARForms: from n/a through <= 6.4.1. |
CVE-2024-32703 | High | 7.7 | 2024-06-09 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: f… |
CVE-2019-16902 | High | 7.5 | 2019-09-27 | In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full p… |
CVE-2024-32705 | High | 7.1 | 2024-06-09 | Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4. |
CVE-2024-32704 | High | 7.1 | 2024-06-09 | Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4. |
CVE-2024-32702 | High | 7.1 | 2024-04-24 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARFo… |
CVE-2024-0427 | Medium | 6.3 | 2024-06-12 | The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some o… |
CVE-2024-10504 | Medium | 5.4 | 2025-05-15 | The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the pag… |
CVE-2024-54217 | Medium | 5.4 | 2024-12-09 | Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.1. |
CVE-2024-4621 | Medium | 4.8 | 2024-06-07 | The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privi… |