Fluentforms Contact Form — known CVE vulnerabilities
Every CVE whose affected-product data names Fluentforms Contact Form, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2024-2771 — CVSS 9.8 (critical): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege…
CVE-2022-3463 — CVSS 9.8 (critical): The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a…
CVE-2021-34620 — CVSS 8.8 (high): The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and…
CVE-2024-2782 — CVSS 7.5 (high): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to…
CVE-2024-4157 — CVSS 7.5 (high): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object…
CVE-2024-10646 — CVSS 7.2 (high): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-2772 — CVSS 6.4 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-4709 — CVSS 6.4 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-9651 — CVSS 6.1 (medium): The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings, which could allow high privilege users…
CVE-2023-24410 — CVSS 5.5 (medium): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC…
CVE-2023-0546 — CVSS 5.4 (medium): The Contact Form Plugin WordPress plugin before 4.3.25 does not properly sanitize and escape the srcdoc attribute in iframes in it's custom…
CVE-2024-9528 — CVSS 4.9 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2023-6957 — CVSS 4.9 (medium): The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up…
CVE-2024-6703 — CVSS 4.9 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-0618 — CVSS 4.4 (medium): The Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored…
CVE-2024-6518 — CVSS 4.4 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-6520 — CVSS 4.4 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-6521 — CVSS 4.4 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored…
CVE-2024-5053 — CVSS 4.2 (medium): The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to…