Techjewel Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder
25 CVEs affecting Techjewel Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder. Latest disclosed: 2026-05-14. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-2771 | Critical | 9.8 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a m… |
CVE-2026-5395 | High | 8.2 | 2026-05-14 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Referen… |
CVE-2026-5396 | High | 8.2 | 2026-05-14 | The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This is d… |
CVE-2024-4157 | High | 7.5 | 2024-05-22 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all ver… |
CVE-2024-2782 | High | 7.5 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of da… |
CVE-2024-10646 | High | 7.2 | 2024-12-14 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2025-9260 | Medium | 6.5 | 2025-09-02 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to PHP Object Injection in versio… |
CVE-2026-6828 | Medium | 6.4 | 2026-05-13 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi… |
CVE-2026-0996 | Medium | 6.4 | 2026-02-10 | The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI Form Builder module in all versions up to, and including, 6.1.14… |
CVE-2025-3615 | Medium | 6.4 | 2025-04-17 | The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form-submission.js script in all versions up to, and including, 6.0… |
CVE-2024-4709 | Medium | 6.4 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-2772 | Medium | 6.4 | 2024-05-18 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2026-4160 | Medium | 5.3 | 2026-04-16 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Referen… |
CVE-2025-13722 | Medium | 5.3 | 2026-01-07 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Missing Authorization in all v… |
CVE-2025-13748 | Medium | 5.3 | 2025-12-06 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Referen… |
CVE-2024-13666 | Medium | 5.3 | 2025-03-22 | The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all ver… |
CVE-2026-6344 | Medium | 4.9 | 2026-05-06 | The Fluent Forms plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 6.2.1. This is due to insufficient path validation i… |
CVE-2024-9528 | Medium | 4.9 | 2024-10-05 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2024-6703 | Medium | 4.9 | 2024-07-27 | The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via… |
CVE-2023-6957 | Medium | 4.9 | 2024-03-13 | The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5… |