Vulnerabilities and security researches forcubewp-forms cubewp-forms

Sep 28, 2024

CVE, Research URL: CVE-2024-47300
Home page URL: Security reports for CubeWP Forms – LeadGen & Contact Form
Application: CubeWP Forms – LeadGen & Contact Form
Date: Oct 06, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Stored XSS.This issue affects CubeWP Forms – All-in-One Form Builder: from n/a through 1.1.1.
Affected versions: Min -, max -.
Status: vulnerable

Jan 09, 2025

CVE, Research URL: CVE-2024-51651
Home page URL: Security reports for CubeWP Forms – LeadGen & Contact Form
Application: CubeWP Forms – LeadGen & Contact Form
Date: Jan 07, 2025
Research Description: Missing Authorization vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms – All-in-One Form Builder: from n/a through 1.1.5.
Affected versions: Min -, max -.
Status: vulnerable

Jun 20, 2025

CVE, Research URL: CVE-2025-49880
Home page URL: Security reports for CubeWP Forms – LeadGen & Contact Form
Application: CubeWP Forms – LeadGen & Contact Form
Date: Jun 17, 2025
Research Description: Missing Authorization vulnerability in Emraan Cheema CubeWP Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CubeWP Forms: from n/a through 1.1.5.
Affected versions: Min -, max -.
Status: vulnerable