cleantalk
Vulnerabilities and Security Researches

BuddyForms Form Elements for WooCommerce, 39d1f22f-ea34-4d94-9dc2-12661cf69d36

CVE, Research URL

39d1f22f-ea34-4d94-9dc2-12661cf69d36

Home page URL

Security reports for BuddyForms Form Elements for WooCommerce

Application

BuddyForms Form Elements for WooCommerce

Published on
-
Research Description
BuddyForms Form Elements for WooCommerce [buddyforms-woocommerce-form-elements] < 1.4.3 (closed) Freemius SDK &lt; 2.5.10 - Reflected Cross-Site Scripting The Freemius SDK for WordPress does not adequately sanitize inputs or escape outputs, leading to Reflected Cross-Site Scripting. This directly affects over 1000 plugins and themes that use this SDK.
Affected versions
Min -, max 1.4.3.
Status
vulnerable
Previous vulnerability researches
BuddyForms Form Elements for WooCommerce (39d1f22f-ea34-4d94-9dc2-12661cf69d36) , Jun 07, 2024
New vulnerability
WordPress Job Board and Recruitment Plugin &#8211; JobWP (CVE-2025-2010) , Apr 20, 2025
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025