Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Forms Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3834 1 Google Forms Project 1 Google Forms 2022-11-29 N/A 4.8 MEDIUM
The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVE-2018-20988 1 Google Forms Project 1 Google Forms 2020-08-24 5.0 MEDIUM 7.5 HIGH
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation.