Vulnerabilities > Happyforms

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-48752 Cross-site Scripting vulnerability in Happyforms
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms: from n/a through 1.25.9.
network
low complexity
happyforms CWE-79
6.1
2023-02-06 CVE-2023-0096 Unspecified vulnerability in Happyforms
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
network
low complexity
happyforms
5.4