Vulnerabilities > Themekraft > Buddyforms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-23 | CVE-2023-26326 | Deserialization of Untrusted Data vulnerability in Themekraft Buddyforms The BuddyForms WordPress plugin, in versions prior to 2.7.8, was affected by an unauthenticated insecure deserialization issue. | 9.8 |
| 2019-08-27 | CVE-2018-21003 | SQL Injection vulnerability in Themekraft Buddyforms The buddyforms plugin before 2.2.8 for WordPress has SQL injection. | 9.8 |