Vfbpro Visual_form_builder

5 CVEs affecting Vfbpro Visual_form_builder. Latest disclosed: 2022-05-02. Critical: 1, High: 1.

Top CVEs affecting Vfbpro Visual_form_builder
CVESeverityScorePublishedSummary
CVE-2022-0142Critical9.82022-04-12The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that w…
CVE-2022-0141High8.12022-04-12The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and…
CVE-2022-0140Medium5.32022-04-12The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entr…
CVE-2022-1046Medium4.82022-05-02The Visual Form Builder WordPress plugin before 3.0.7 does not sanitise and escape the form's 'Email to' field , which could allow high privilege users to perf…
CVE-2021-24514Medium4.82021-10-25The Visual Form Builder WordPress plugin before 3.0.4 does not sanitise or escape its Form Name, allowing high privilege users such as admin to set Cross-Site…