Vulnerabilities > Wpmudev > Forminator Forms > 1.9.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-27 | CVE-2025-0469 | Cross-site Scripting vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slider template data in all versions up to, and including, 1.39.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-10-26 | CVE-2024-10402 | Unspecified vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.35.1. | 8.8 |
| 2024-10-17 | CVE-2024-9351 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. | 4.3 |
| 2024-10-17 | CVE-2024-9352 | Cross-Site Request Forgery (CSRF) vulnerability in Wpmudev Forminator Forms The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. | 4.3 |