Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Formbuilder
(Formbuilder_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-04-04 | CVE-2022-0830 | The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values. As a result, attackers could make logged in admin update and delete arbitrary forms via a CSRF attack, and put Cross-Site Scripting payloads in them. | Formbuilder | 6.5 | ||
| 2019-08-21 | CVE-2016-10910 | The formbuilder plugin before 1.06 for WordPress has multiple XSS issues. | Formbuilder | 6.1 | ||
| 2019-08-21 | CVE-2012-6715 | The formbuilder plugin before 0.9.1 for WordPress has XSS via a Referer header. | Formbuilder | 6.1 |