Verbb Formie
5 CVEs affecting Verbb Formie. Latest disclosed: 2026-05-29. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-45697 | Critical | 9.8 | 2026-05-29 | Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default… |
CVE-2025-32426 | Medium | 4.6 | 2025-04-11 | Formie is a Craft CMS plugin for creating forms. Prior to version 2.1.44, it is possible to inject malicious code into the HTML content of an email notificatio… |
CVE-2024-35191 | Medium | 4.4 | 2024-05-20 | Formie is a Craft CMS plugin for creating forms. Prior to 2.1.6, users with access to a form's settings can include malicious Twig code into fields that suppor… |
CVE-2026-47266 | | 2026-05-29 | Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or gues… | |
CVE-2025-32427 | | 2025-04-11 | Formie is a Craft CMS plugin for creating forms. Prior to 2.1.44, when importing a form from JSON, if the field label or handle contained malicious content, th… |