Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder 2.05.03

  • Severity: high-risk
  • Status: Fixed
  • Publication: November 13, 2017

The Formidable Form Builder plugin for WordPress is vulnerable to a security issue called Stored Cross-Site Scripting. This affects versions of the plugin released before version 2.05.03. It means that attackers who are not authenticated can inject malicious web scripts into the system, which can then be executed by victims in their browsers. To fix the issue, you need to make sure you have the latest version of the plugin installed.

Detected in:

Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz & Calculator Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder fixed vulnerable versions: >= * < 2.05.03
Formidable Forms – Contact Form, Survey, Quiz, Calculator, Payment & Custom Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz, Payment & Calculator Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.