Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder 1.5.4

  • Severity: high-risk
  • Status: Fixed
  • Publication: November 23, 2022

The ARForms Form Builder plugin for WordPress is not secure in versions up to 1.5.4. This means that people who are not authorized to access the website can inject code onto pages which will run when any user visits these pages. This is possible because of a lack of safeguards to prevent this kind of activity.

Detected in:

Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder fixed vulnerable versions: >= * <= 1.5.6
Contact Form, Survey, Quiz & Popup Form Builder – ARForms fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.