Vulnerabilities > Reputeinfosystems > Arforms Form Builder > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-11 | CVE-2023-6828 | Cross-site Scripting vulnerability in Reputeinfosystems Arforms Form Builder The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ arf_http_referrer_url’ parameter in all versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. | 6.1 |
| 2023-04-18 | CVE-2022-45838 | Cross-site Scripting vulnerability in Reputeinfosystems Arforms Form Builder Unauth. | 6.1 |