cleantalk
Vulnerabilities and Security Researches

HTML Forms, CVE-2024-6412

CVE, Research URL

CVE-2024-6412

Home page URL

Security reports for HTML Forms

Application

HTML Forms

Published on
Jul 31, 2024
Research Description
The HTML Forms WordPress plugin before 1.3.34 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
Affected versions
Min -, max 1.3.34.
Status
vulnerable
Previous vulnerability researches
HTML Forms (CVE-2024-6412) , Aug 02, 2024
HTML Forms (CVE-2024-56060) , Dec 22, 2024
HTML Forms (CVE-2025-31080) , Apr 03, 2025
HTML Forms (CVE-2023-50836) , Jun 07, 2024
HTML Forms (CVE-2022-3689) , Jun 07, 2024
New vulnerability
Easy Contact (CVE-2025-30970) , Apr 08, 2025
DyaPress ERP/CRM (CVE-2025-30582) , Apr 08, 2025
Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links (CVE-2025-1264) , Apr 07, 2025
Advanced All in One Admin Search by WP Spotlight (CVE-2025-32261) , Apr 06, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2025-32219) , Apr 06, 2025