Convert Forms Project Convert Forms — known CVE vulnerabilities
Every CVE whose affected-product data names Convert Forms Project Convert Forms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-40744 — CVSS 9.8 (critical): Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8.
CVE-2018-10063 — CVSS 7.8 (high): The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when…
CVE-2024-40745 — CVSS 5.4 (medium): Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8.
CVE-2025-22212 — CVSS 2.7 (low): A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers…