High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-16	CVE-2023-1405	Deserialization of Untrusted Data vulnerability in Strategy11 Formidable Forms The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present. network low complexity strategy11 CWE-502	7.5
2023-06-27	CVE-2023-2877	Unspecified vulnerability in Strategy11 Formidable Forms The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. network low complexity strategy11	8.8