Formbuilder Project

formbuilder_project

3 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-0830 1Formbuilder Project 1Formbuilder Jun 17, 2026 Apr 4, 2022 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values. As a result, attackers could make...Show more The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values. As a result, attackers could make logged in admin update and delete arbitrary forms via a CSRF attack, and put Cross-Site Scripting payloads in them.Show less
CVE-2016-10910 1Formbuilder Project 1Formbuilder Nov 21, 2024 Aug 21, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The formbuilder plugin before 1.06 for WordPress has multiple XSS issues.
CVE-2012-6715 1Formbuilder Project 1Formbuilder Nov 21, 2024 Aug 21, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The formbuilder plugin before 0.9.1 for WordPress has XSS via a Referer header.