Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-24444
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated malicious user to gather information...
Adobe Experience Manager Forms Add-on 6.4.8.2
Adobe Experience Manager Forms Add-on 6.5.6.0
9.3
CVSSv2
CVE-2021-37334
Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vulnerable to a security flaw that could lead to a remote code execution attack and/or arbitrary file deletion. A vulnerability occurs because validation of the file extension is performed after the file has been...
Umbraco Forms
3.5
CVSSv2
CVE-2021-24505
The Forms WordPress plugin prior to 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the Forms "Add new" field.
Madeit Forms
3.5
CVSSv2
CVE-2012-2340
The Contact Forms module 7.x-1.x prior to 7.x-1.2 for Drupal does not specify sufficiently restrictive permissions, which allows remote authenticated users with the "access the site-wide contact form" permission to modify the module settings via unspecified vectors.
Geoff Davies Contact Forms 7.x-1.1
Geoff Davies Contact Forms 7.x-1.x
4.3
CVSSv2
CVE-2018-7280
The Ninja Forms plugin prior to 3.2.14 for WordPress has XSS.
Ninjaforms Ninja Forms
NA
CVE-2023-35095
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin <= 1.0.40 versions.
Flothemes Flo Forms
6.8
CVSSv2
CVE-2018-16308
The Ninja Forms plugin prior to 3.3.14.1 for WordPress allows CSV injection.
Ninjaforms Ninja Forms
5
CVSSv2
CVE-2020-7685
This affects all versions of package UmbracoForms. When using the default configuration for upload forms, it is possible to upload arbitrary file types. The package offers a way for users to mitigate the issue. The users of this package can create a custom workflow and frontend v...
Umbraco Umbraco Forms
4.3
CVSSv2
CVE-2017-18495
The gravity-forms-sms-notifications plugin prior to 2.4.0 for WordPress has XSS.
Mediaburst Gravity Forms
4.3
CVSSv2
CVE-2017-18497
The liveforms plugin prior to 3.4.0 for WordPress has XSS.
W3eden Live Forms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »