Linksoftwarellc Html Forms — known CVE vulnerabilities
Every CVE whose affected-product data names Linksoftwarellc Html Forms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-3689 — CVSS 7.2 (high): The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to…
CVE-2024-6412 — CVSS 6.5 (medium): The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users…
CVE-2025-46236 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms…
CVE-2023-50836 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored…
CVE-2024-6243 — CVSS 4.8 (medium): The HTML Forms WordPress plugin before 1.3.33 does not sanitize and escape the form message inputs, allowing high-privilege users, such as…