Subtlewebinc Formcraft3 — known CVE vulnerabilities
Every CVE whose affected-product data names Subtlewebinc Formcraft3, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2022-0591 — CVSS 9.1 (critical): The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues…