Vulnerabilities > Strategy11 > Formidable Forms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-05 | CVE-2024-0660 | Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Formidable Forms The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.7.2. | 4.3 |
| 2024-01-16 | CVE-2023-1405 | Deserialization of Untrusted Data vulnerability in Strategy11 Formidable Forms The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present. | 7.5 |
| 2023-06-27 | CVE-2023-2877 | Unspecified vulnerability in Strategy11 Formidable Forms The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. | 8.8 |