Wpmudev Forminator_forms
10 CVEs affecting Wpmudev Forminator_forms. Latest disclosed: 2025-06-05. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-10402 | High | 7.5 | 2024-10-26 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability c… |
CVE-2025-5341 | Medium | 6.4 | 2025-06-05 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id' and 'dat… |
CVE-2025-3487 | Medium | 6.4 | 2025-04-17 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘limit’ param… |
CVE-2025-0469 | Medium | 6.4 | 2025-02-27 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slider templa… |
CVE-2025-0470 | Medium | 6.1 | 2025-01-31 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the title para… |
CVE-2025-3479 | Medium | 5.3 | 2025-04-17 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including… |
CVE-2024-9700 | Medium | 5.3 | 2024-10-31 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions… |
CVE-2024-7052 | Medium | 4.8 | 2025-02-14 | The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to… |
CVE-2024-9352 | Medium | 4.3 | 2024-10-17 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to… |
CVE-2024-9351 | Medium | 4.3 | 2024-10-17 | The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to… |