Latest

WP-FormAssembly

WP-FormAssembly on WordPress.org
Current version: 3.0.2
Last update: May 27, 2025
Known issues: Open

FormAssembly has launched a WordPress plugin that allows users to embed web forms into their websites. The all-in-one form builder and data collection platform can be used to create contact forms, applications, payment forms, and surveys, and integrate data with Salesforce, PayPal, Google Apps, and more. The platform is GDPR/CCPA compliant, has PCI DSS Level 1 Certification, and encryption at rest. Users can sign up for a free trial at FormAssembly.com/sign-up.

Open source

This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Vulnerabilities

Input validation vulnerability in WP-FormAssembly 2.0.11

Fixed

The WP-FormAssembly plugin for WordPress has a security issue called Stored Cross-Site Scripting. This happens when the plugin's 'formassembly' shortcode is used, and can affect all versions up to 2....
Read More
Input validation vulnerability in WP-FormAssembly 2.0.10

Fixed

The WP-FormAssembly plugin for WordPress has a security issue called Stored Cross-Site Scripting that affects all versions up to and including 2.0.10. This is because the plugin doesn't properly clea...
Read More
Access violation vulnerability in WP-FormAssembly 2.0.5

Fixed

The WP-FormAssembly plugin for WordPress has a security flaw in versions up to 2.0.5. People with lower levels of access can use this flaw to read the contents of any file on the server
Read More
Input validation vulnerability in WP-FormAssembly 2.0.7

Fixed

The WP-FormAssembly plugin for WordPress is vulnerable to a type of attack called Stored Cross-Site Scripting. In versions up to and including 2.0.7, the plugin does not properly check user supplied ...
Read More
Input validation vulnerability in WP-FormAssembly 2.0.9

Fixed

The WP-FormAssembly plugin for WordPress is a software that has a security vulnerability in versions up to 2.0.8. This vulnerability allows people with certain access privileges to make web requests ...
Read More

Latest

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

WP-FormAssembly

Vulnerabilities

Input validation vulnerability in WP-FormAssembly 2.0.11

Input validation vulnerability in WP-FormAssembly 2.0.10

Access violation vulnerability in WP-FormAssembly 2.0.5

Input validation vulnerability in WP-FormAssembly 2.0.7

Input validation vulnerability in WP-FormAssembly 2.0.9

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Passkeys: no need for Limit Login Attempts?

Configuring Really Simple Security with WP-CLI

How to Fix The “Link you followed has Expired” error on WordPress

404 Not Found errors detected on your homepage

Protecting site visitors with Security Headers

Hardening your website’s security

WP-FormAssembly

Vulnerabilities

Input validation vulnerability in WP-FormAssembly 2.0.11

Input validation vulnerability in WP-FormAssembly 2.0.10

Access violation vulnerability in WP-FormAssembly 2.0.5

Input validation vulnerability in WP-FormAssembly 2.0.7

Input validation vulnerability in WP-FormAssembly 2.0.9