cleantalk
Vulnerabilities and Security Researches

Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder, CVE-2021-24608

CVE, Research URL

CVE-2021-24608

Home page URL

Security reports for Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder

Application

Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder

Published on
Oct 25, 2021
Research Description
The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Affected versions
Min -, max 5.0.07.
Status
vulnerable
Previous vulnerability researches
Formidable – Clockwork SMS (CVE-2017-17780) , Jun 07, 2024
Formidable PRO2PDF (9edf05f0daa525bd6ee144e3e02d24e0339516f5) , Jun 07, 2024
Formidable PRO2PDF (CVE-2023-28663) , Jun 10, 2024
Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder (CVE-2021-24884) , Jun 07, 2024
Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder (CVE-2019-15780) , Jun 07, 2024
New vulnerability
EZ SQL Reports Shortcode Widget and DB Backup (CVE-2025-6462) , Jul 01, 2025
Related Products Manager for WooCommerce (CVE-2025-50045) , Jul 01, 2025
web-cam (CVE-2025-6540) , Jul 01, 2025
WPShapere Lite (CVE-2025-53317) , Jul 01, 2025
WP Edit (CVE-2025-53253) , Jul 01, 2025