Vulnerabilities > Flothemes

DATE	CVE	VULNERABILITY TITLE	RISK
2023-06-20	CVE-2023-35095	Unspecified vulnerability in Flothemes FLO Forms Auth. network low complexity flothemes	4.8
2023-06-07	CVE-2021-4367	Cross-site Scripting vulnerability in Flothemes FLO Forms The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_import_forms_options AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with missing capability checks. network low complexity flothemes CWE-79	5.4
2022-04-25	CVE-2022-0541	Unspecified vulnerability in Flothemes Flo-Launch The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value. network low complexity flothemes critical	9.8

Vulnerabilities > Flothemes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Flothemes"}]}