Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3463 | 1 Fluentforms | 1 Contact Form | 2022-11-09 | N/A | 9.8 CRITICAL |
| The Contact Form Plugin WordPress plugin before 4.3.13 does not validate and escape fields when exporting form entries as CSV, leading to a CSV injection | |||||
| CVE-2021-34620 | 1 Fluentforms | 1 Contact Form | 2022-11-07 | 6.8 MEDIUM | 8.8 HIGH |
| The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions | |||||