cleantalk
Vulnerabilities and Security Researches

Forms, CVE-2021-24505

CVE, Research URL

CVE-2021-24505

Home page URL

Security reports for Forms

Application

Forms

Published on
Aug 09, 2021
Research Description
The Forms WordPress plugin before 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the Forms "Add new" field.
Affected versions
Min -, max 1.12.3.
Status
vulnerable
Previous vulnerability researches
Forms (CVE-2025-24775) , Aug 16, 2025
Forms (CVE-2021-24505) , Jun 06, 2024
Forms (CVE-2024-51791) , Nov 11, 2024
New vulnerability
Surbma | Recent Comments Shortcode (CVE-2025-7649) , Aug 17, 2025
Print My Blog – Print, PDF, & eBook Converter WordPress Plugin (CVE-2025-54740) , Aug 17, 2025
MDTF – Meta Data and Taxonomies Filter (CVE-2025-54707) , Aug 17, 2025
StoryChief (CVE-2025-7441) , Aug 17, 2025
Woocommerce Blocks – Woolook (CVE-2024-8393) , Aug 17, 2025