cleantalk
Vulnerabilities and Security Researches

Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder, CVE-2025-15441

CVE, Research URL

CVE-2025-15441

Home page URL

Security reports for Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder

Application

Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder

Published on
Apr 13, 2026
Research Description
The Form Maker by 10Web WordPress plugin before 1.15.38 does not properly prepare SQL queries when the "MySQL Mapping" feature is in use, which could make SQL Injection attacks possible in certain contexts.
Affected versions
max 1.15.38.
Status
vulnerable
Previous vulnerability researches
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2024-43220) , Aug 13, 2024
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2024-6130) , Jul 02, 2024
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2025-15441) , Apr 15, 2026
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2026-1058) , Apr 15, 2026
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2026-39502) , Apr 15, 2026
New vulnerability
WooMS (CVE-2025-57957) , Apr 20, 2026
Simple User Registration (CVE-2026-0844) , Apr 20, 2026
Kubio AI Page Builder (CVE-2026-5427) , Apr 20, 2026
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2026-3330) , Apr 20, 2026
Sell Photo (2ce065d802b631a3fa4492d5366f0ffc4e0ee37b) , Apr 19, 2026