Strategy11 Formidable Forms — known CVE vulnerabilities
Every CVE whose affected-product data names Strategy11 Formidable Forms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2023-2877 — CVSS 8.8 (high): The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality…
CVE-2023-1405 — CVSS 7.5 (high): The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection…
CVE-2024-0660 — CVSS 6.1 (medium): The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to…
CVE-2024-11188 — CVSS 6.1 (medium): The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is…
CVE-2024-23522 — CVSS 5.3 (medium): Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable…
CVE-2024-6725 — CVSS 4.9 (medium): The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is…
CVE-2024-9768 — CVSS 4.8 (medium): The Formidable Forms WordPress plugin before 6.14.1 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2022-45806 — CVSS 4.3 (medium): Missing Authorization vulnerability in Strategy11 Form Builder Team Formidable Forms allows Exploiting Incorrectly Configured Access…