Vulnerabilities > Flothemes > FLO Forms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-20 | CVE-2023-35095 | Unspecified vulnerability in Flothemes FLO Forms Auth. | 4.8 |
| 2023-06-07 | CVE-2021-4367 | Cross-site Scripting vulnerability in Flothemes FLO Forms The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Options Change by using the flo_import_forms_options AJAX action in versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping along with missing capability checks. | 5.4 |