weForms – Easy Drag & Drop Contact Form Builder For WordPress

This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Vulnerabilities

  • Input validation vulnerability in OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) *

    Fixed

    Several add-ons for WordPress are at risk of being hacked and redirecting users to harmful websites. This is because they rely on a tool called Polyfill.io. Polyfill.io is a type of code that helps w...

    Read More
  • Access violation vulnerability in weForms – Easy Drag & Drop Contact Form Builder For WordPress 1.6.20

    Fixed

    The weForms plugin for WordPress has a security issue that allows unauthorized access. This happens because a check is missing in the handle_frontend_submission() function in versions up to 1.6.20. T...

    Read More
  • Input validation vulnerability in weForms – Easy Drag & Drop Contact Form Builder For WordPress 1.6.21

    Fixed

    The weForms add-on for WordPress has a security vulnerability that allows attackers to insert harmful scripts into web pages. This can happen when a user accesses a page that has been injected with t...

    Read More
  • Access violation vulnerability in weForms – Easy Drag & Drop Contact Form Builder For WordPress 1.6.18

    Fixed

    The weForms plugin for WordPress is a piece of software that helps users create and manage forms when using a WordPress website. In versions up to and including 1.6.18 of this plugin, there is a vuln...

    Read More
  • Input validation vulnerability in weForms – Easy Drag & Drop Contact Form Builder For WordPress 1.6.17

    Fixed

    The weForms - Easy Drag & Drop Contact Form Builder For WordPress plugin for WordPress has a security issue that affects some versions up to 1.6.18. This issue allows attackers who have administr...

    Read More
  • Input validation vulnerability in weForms – Easy Drag & Drop Contact Form Builder For WordPress 1.4.7

    Fixed

    The WeForms Wordpress Plugin version 1.4.7 has a security vulnerability which allows people to input malicious data into forms on a website through a CSV file.

    Read More
  • Input validation vulnerability in weForms – Easy Drag & Drop Contact Form Builder For WordPress 1.6.13

    Fixed

    The weForms plugin for WordPress is not secure in versions up to and including 1.6.13. Attackers with administrative level permissions or higher can inject malicious web scripts into pages. This will ...

    Read More