← Back

Formbuilder Project

formbuilder_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Formbuilder
formbuilder

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
1Formbuilder Project
1Formbuilder
Jun 17, 2026
Apr 4, 2022
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values. As a result, attackers could make...Show more
The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values. As a result, attackers could make logged in admin update and delete arbitrary forms via a CSRF attack, and put Cross-Site Scripting payloads in them.Show less
1Formbuilder Project
1Formbuilder
Nov 21, 2024
Aug 21, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The formbuilder plugin before 1.06 for WordPress has multiple XSS issues.
1Formbuilder Project
1Formbuilder
Nov 21, 2024
Aug 21, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The formbuilder plugin before 0.9.1 for WordPress has XSS via a Referer header.