Vulnerabilities and security researches forhtml-forms html-forms
Direction: ascendingJun 07, 2024
HTML Forms # CVE-2023-50836
- CVE, Research URL
- Home page URL
- Application
- Date
- Dec 28, 2023
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibericode HTML Forms allows Stored XSS.This issue affects HTML Forms: from n/a through 1.3.28.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
HTML Forms # CVE-2022-3689
- CVE, Research URL
- Home page URL
- Application
- Date
- Nov 28, 2022
- Research Description
- The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Aug 02, 2024
HTML Forms # CVE-2024-6412
- CVE, Research URL
- Home page URL
- Application
- Date
- Jul 31, 2024
- Research Description
- The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Dec 22, 2024
HTML Forms # CVE-2024-56060
- CVE, Research URL
- Home page URL
- Application
- Date
- Jan 02, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HTML Forms allows Reflected XSS.This issue affects HTML Forms: from n/a through 1.4.1.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable
Apr 03, 2025
HTML Forms # CVE-2025-31080
- CVE, Research URL
- Home page URL
- Application
- Date
- Apr 02, 2025
- Research Description
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.1.
- Affected versions
-
Min -, max -.
- Status
-
vulnerable