Plugin icon

cformsII

cforms2

Vulnerabilities:

9

Last Updated:

April 9, 2024

Active Installs:

6000

Published
Title
Fixed in
CVSS
Published
2024-01-15
Title
CformsII < 15.0.7 - Unauthenticated Stored XSS
Fixed in
Fixed in 15.0.7
CVSS
8.8 (high)
Published
2024-01-03
Title
CformsII < 15.0.7 - Admin+ Stored XSS
Fixed in
Fixed in 15.0.7
CVSS
3.5 (low)
Published
2023-03-08
Title
CformsII <15.0.4 - Settings Update via CSRF
Fixed in
Fixed in 15.0.5
CVSS
4.3 (medium)
Published
2019-08-12
Title
Cforms & CformsII <= 15.0.1 - Unauthenticated HTML Injection & CSRF
Fixed in
Fixed in 15.0.2
CVSS
8.8 (high)
Published
2017-04-28
Title
Cforms & CformsII < 14.13.3 - Multiple XSS
Fixed in
Fixed in 14.13.3
CVSS
6.1 (medium)
Published
2017-04-24
Title
Cforms & CformsII < 14.13 - SQL Injection
Fixed in
Fixed in 14.13
CVSS
9.8 (critical)
Published
2015-04-11
Title
Cforms & CformsII < 14.6.10 - SQL Injection
Fixed in
Fixed in 14.6.10
CVSS
9.8 (critical)
Published
2014-12-30
Title
Cforms & CformsII <= 14.7 - Remote Code Execution via Unauthorised File Upload
Fixed in
Fixed in 14.8
CVSS
n/a
Published
2010-12-15
Title
Cforms & CformsII <= 14.10.1 - CAPTCHA Bypass
Fixed in
Fixed in 14.11
CVSS
n/a