Cformsii Project

cformsii_project

9 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-52203 1Cformsii Project 1Cformsii Jun 17, 2026 Jan 8, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5.
CVE-2023-25449 1Cformsii Project 1Cformsii Jun 17, 2026 Jun 15, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.
CVE-2014-10393 1Cformsii Project 1Cformsii Nov 21, 2024 Aug 22, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The cforms2 plugin before 10.5 for WordPress has XSS.
CVE-2014-10392 1Cformsii Project 1Cformsii Nov 21, 2024 Aug 22, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The cforms2 plugin before 10.2 for WordPress has XSS.
CVE-2017-18570 1Cformsii Project 1Cformsii Nov 21, 2024 Aug 22, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.
CVE-2015-9333 1Cformsii Project 1Cformsii Nov 21, 2024 Aug 22, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The cforms2 plugin before 14.6.10 for WordPress has SQL injection.
CVE-2017-18559 1Cformsii Project 1Cformsii Nov 21, 2024 Aug 21, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.
CVE-2014-10377 1Cformsii Project 1Cformsii Nov 21, 2024 Aug 21, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php.
CVE-2019-15238 1Cformsii Project 1Cformsii Jun 17, 2026 Aug 20, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.