Vulnerabilities > Weformspro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-29 | CVE-2023-50896 | Cross-site Scripting vulnerability in Weformspro Weforms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms – Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17. | 4.8 |
2020-11-04 | CVE-2020-22276 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Weformspro Weforms 1.4.7 WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. | 7.5 |