cleantalk
Vulnerabilities and Security Researches

cformsII, 89b72f8a78b474dec54fc8879e061599a7088592

CVE, Research URL

89b72f8a78b474dec54fc8879e061599a7088592

Home page URL

Security reports for cformsII

Application

cformsII

Published on
Aug 12, 2019
Research Description
cformsII [cforms2] < 15.0.2 WordPress CformsII plugin <= 15.0.1 - Unauthenticated HTML Injection & Cross-Site Request Forgery (CSRF) vulnerabilities Unauthenticated HTML Injection & Cross-Site Request Forgery (CSRF) vulnerabilities found by Jerome Bruandet (Nintechnet) in WordPress CformsII plugin (versions <= 15.0.1).
Affected versions
max 15.0.2.
Status
vulnerable
Previous vulnerability researches
WordPress Connect (feaf7c04-4991-4c34-bfbf-d849a9e38599) , Jun 16, 2026
WordPress Connect (5b2d1beeae1454c4c4f60eac4f084fd504540b28) , Jun 16, 2026
WordPress Connect (b326cdbf2040aa8eeb688f951965600d9b290062) , Jun 06, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026