cleantalk
Vulnerabilities and Security Researches

Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms, CVE-2023-48752

CVE, Research URL

CVE-2023-48752

Home page URL

Security reports for Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms

Application

Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms

Published on
Nov 30, 2023
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms: from n/a through 1.25.9.
Affected versions
max 1.25.10.
Status
vulnerable
Previous vulnerability researches
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms (CVE-2024-44063) , Sep 02, 2024
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms (CVE-2024-10054) , May 17, 2025
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms (CVE-2026-49768) , Jun 10, 2026
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms (CVE-2024-23521) , Jun 10, 2024
Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms (CVE-2023-48752) , Jun 06, 2024
New vulnerability
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One (CVE-2026-48966) , Jun 10, 2026
Geo Mashup (CVE-2026-48967) , Jun 10, 2026
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms (CVE-2026-49109) , Jun 10, 2026
WP-Paginate (CVE-2021-47982) , Jun 10, 2026
Welcart e-Commerce (CVE-2026-49775) , Jun 10, 2026