Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cformsii
(Cformsii_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 9 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-06-15 | CVE-2023-25449 | Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions. | Cformsii | 8.8 | ||
| 2024-01-08 | CVE-2023-52203 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5. | Cformsii | 4.8 | ||
| 2019-08-21 | CVE-2014-10377 | The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php. | Cformsii | 6.1 | ||
| 2019-08-21 | CVE-2017-18559 | The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues. | Cformsii | 6.1 | ||
| 2019-08-22 | CVE-2015-9333 | The cforms2 plugin before 14.6.10 for WordPress has SQL injection. | Cformsii | 9.8 | ||
| 2019-08-22 | CVE-2017-18570 | The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries. | Cformsii | 9.8 | ||
| 2019-08-22 | CVE-2014-10393 | The cforms2 plugin before 10.5 for WordPress has XSS. | Cformsii | 6.1 | ||
| 2019-08-22 | CVE-2014-10392 | The cforms2 plugin before 10.2 for WordPress has XSS. | Cformsii | 6.1 | ||
| 2019-08-20 | CVE-2019-15238 | The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field. | Cformsii | 8.8 |