Vulnerabilities > Incsub > Forminator > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-04 | CVE-2023-2010 | Race Condition vulnerability in Incsub Forminator The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. | 3.1 |
| 2021-11-23 | CVE-2021-24700 | Cross-site Scripting vulnerability in Incsub Forminator The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 3.5 |