Vulnerabilities > Weformspro

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-12	CVE-2023-51524	Missing Authorization vulnerability in Weformspro Weforms Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18. network low complexity weformspro CWE-862	8.8
2024-06-09	CVE-2024-30512	Missing Authorization vulnerability in Weformspro Weforms Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. network low complexity weformspro CWE-862 critical	9.1
2023-12-29	CVE-2023-50896	Cross-site Scripting vulnerability in Weformspro Weforms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms – Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17. network low complexity weformspro CWE-79	4.8
2022-08-08	CVE-2022-2395	Cross-site Scripting vulnerability in Weformspro Weforms The weForms WordPress plugin before 1.6.14 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. network low complexity weformspro CWE-79	4.8
2020-11-04	CVE-2020-22276	Improper Neutralization of Formula Elements in a CSV File vulnerability in Weformspro Weforms 1.4.7 WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. network low complexity weformspro CWE-1236 critical	9.8

Vulnerabilities > Weformspro {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Weformspro"}]}

Vulnerabilities > Weformspro