Vulnerabilities > Fluentforms > Contact Form > 4.3.25
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-27 | CVE-2024-0618 | Cross-site Scripting vulnerability in Fluentforms Contact Form The Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported form titles in all versions up to, and including, 5.1.5 due to insufficient input sanitization and output escaping. | 4.8 |
| 2023-10-31 | CVE-2023-24410 | Unspecified vulnerability in Fluentforms Contact Form Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms: from n/a through 4.3.25. | 9.8 |