Codepeople Calculated Fields Form — known CVE vulnerabilities
Every CVE whose affected-product data names Codepeople Calculated Fields Form, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2024-2020 — CVSS 7.2 (high): The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form page href parameter in all…
CVE-2024-29759 — CVSS 7.1 (high): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodePeople Calculated Fields Form…
CVE-2024-0963 — CVSS 6.4 (medium): The Calculated Fields Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's CP_CALCULATED_FIELDS…
CVE-2020-7228 — CVSS 5.4 (medium): The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input…
CVE-2024-12601 — CVSS 5.3 (medium): The Calculated Fields Form plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 5.2.63. This is…
CVE-2024-9940 — CVSS 5.3 (medium): The Calculated Fields Form plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 5.2.45. This is due…
CVE-2023-0389 — CVSS 4.8 (medium): The Calculated Fields Form WordPress plugin before 1.1.151 does not sanitise and escape some of its form settings, which could allow high…
CVE-2024-13381 — CVSS 4.8 (medium): The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of its settings, which could allow high…
CVE-2024-13382 — CVSS 4.8 (medium): The Calculated Fields Form WordPress plugin before 5.2.64 does not sanitise and escape some of its settings, which could allow high…
CVE-2023-26523 — CVSS 4.3 (medium): Missing Authorization vulnerability in CodePeople Calculated Fields Form allows Functionality Misuse.This issue affects Calculated Fields…
CVE-2025-49291 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in codepeople Calculated Fields Form calculated-fields-form allows Cross Site Request…
CVE-2023-51517 — CVSS 4.1 (medium): URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CodePeople Calculated Fields Form.This issue affects Calculated Fields…
CVE-2024-12273 — CVSS 3.5 (low): The Calculated Fields Form WordPress plugin before 5.2.62 does not sanitise and escape some of its settings, which could allow high…