Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder 5.5.6

  • Severity: high-risk
  • Status: Fixed
  • Publication: February 1, 2023

The Formidable Form Builder plugin for WordPress is not secure in versions up to 5.5.6. This means that unauthenticated attackers can delete form entries without permission by getting a site administrator to click on a link. This is because the ‘destroy’ function does not have the correct security measures in place.

Detected in:

Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz & Calculator Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz, Calculator & Custom Form Builder fixed vulnerable versions: >= * <= 5.5.6
Formidable Forms – Contact Form, Survey, Quiz, Calculator, Payment & Custom Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz, Payment & Calculator Form Builder fixed vulnerable versions:
Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.