cleantalk
Vulnerabilities and Security Researches

Form Block, CVE-2023-30616

CVE, Research URL

CVE-2023-30616

Home page URL

Security reports for Form Block

Application

Form Block

Published on
Apr 20, 2023
Research Description
Form block is a wordpress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing. Users are advised to upgrade to version 1.0.2. There are no known workarounds for this vulnerability.
Affected versions
Min -, max 1.0.2.
Status
vulnerable
Previous vulnerability researches
Form Block (CVE-2025-54693) , Aug 12, 2025
Form Block (CVE-2023-30616) , Jun 07, 2024
New vulnerability
Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler (CVE-2025-54028) , Aug 13, 2025
Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks (CVE-2025-54007) , Aug 13, 2025
WooCommerce Purchase Orders (CVE-2025-5391) , Aug 13, 2025
RentSyst – CRM solution for fleet management (CVE-2025-48152) , Aug 12, 2025
Mosaic Generator (CVE-2025-8621) , Aug 12, 2025