Vulnerabilities and Security Researches

Vulnerabilities and security researches forhtml-forms html-forms

Direction: ascending

Jun 07, 2024

HTML Forms # CVE-2023-50836

CVE, Research URL: CVE-2023-50836
Home page URL: Security reports for HTML Forms
Application: HTML Forms
Date: Dec 28, 2023
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored XSS.This issue affects HTML Forms: from n/a through 1.3.28.
Affected versions: Min -, max -.
Status: vulnerable

HTML Forms # CVE-2022-3689

CVE, Research URL: CVE-2022-3689
Home page URL: Security reports for HTML Forms
Application: HTML Forms
Date: Nov 28, 2022
Research Description: The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users
Affected versions: Min -, max -.
Status: vulnerable

Aug 02, 2024

HTML Forms # CVE-2024-6412

CVE, Research URL: CVE-2024-6412
Home page URL: Security reports for HTML Forms
Application: HTML Forms
Date: Jul 31, 2024
Research Description: The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Affected versions: Min -, max -.
Status: vulnerable

Dec 22, 2024

HTML Forms # CVE-2024-56060

CVE, Research URL: CVE-2024-56060
Home page URL: Security reports for HTML Forms
Application: HTML Forms
Date: Jan 02, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HTML Forms allows Reflected XSS.This issue affects HTML Forms: from n/a through 1.4.1.
Affected versions: Min -, max -.
Status: vulnerable

Apr 03, 2025

HTML Forms # CVE-2025-31080

CVE, Research URL: CVE-2025-31080
Home page URL: Security reports for HTML Forms
Application: HTML Forms
Date: Apr 02, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.1.
Affected versions: Min -, max -.
Status: vulnerable

Apr 24, 2025

HTML Forms # CVE-2025-46236

CVE, Research URL: CVE-2025-46236
Home page URL: Security reports for HTML Forms
Application: HTML Forms
Date: Apr 22, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.2.
Affected versions: Min -, max -.
Status: vulnerable