Known Vulnerabilities for Formidable by Formidableforms
Listed below are 1 of the newest known vulnerabilities associated with "Formidable" by "Formidableforms".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-49109 json | Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja ... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-49105 json | Unauthenticated PHP Object Injection in WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-49104 json | Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable,... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-49085 json | Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.... | Not Provided | 2026-06-15 | 2026-06-15 |
| CVE-2026-32527 json | Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Fo... | Not Provided | 2026-03-25 | 2026-04-29 |
| CVE-2026-8871 json | The Formidable Kinetic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'kinetic_link' shortcode in ... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-2890 json | The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6... | Not Provided | 2026-03-13 | 2026-04-08 |
| CVE-2026-2888 json | The Formidable Forms plugin for WordPress is vulnerable to an authorization bypass through user-controlled key in all version... | Not Provided | 2026-03-13 | 2026-04-08 |
| CVE-2026-2568 json | The WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin for WordPress is vulnerable to Store... | Not Provided | 2026-03-03 | 2026-04-08 |
| CVE-2025-67468 json | Missing Authorization vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidabl... | Not Provided | 2025-12-09 | 2026-04-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Formidableforms | Formidable | 4.02.02 | |||
| Application | Formidableforms | Formidable | 4.02.01 | |||
| Application | Formidableforms | Formidable | 4.02 | |||
| Application | Formidableforms | Formidable | 4.01.02 | |||
| Application | Formidableforms | Formidable | 4.01.01 | |||
| Application | Formidableforms | Formidable | 4.01 | |||
| Application | Formidableforms | Formidable | 4.0.04 | |||
| Application | Formidableforms | Formidable | 4.0.03 | |||
| Application | Formidableforms | Formidable | 4.0.02 | |||
| Application | Formidableforms | Formidable | 4.0.01 | |||
| Application | Formidableforms | Formidable | 4.0 | |||
| Application | Formidableforms | Formidable | 3.06.06 | |||
| Application | Formidableforms | Formidable | 3.06.05 | |||
| Application | Formidableforms | Formidable | 3.06.04 | |||
| Application | Formidableforms | Formidable | 3.06.03 | |||
| Application | Formidableforms | Formidable | 3.06.02 | |||
| Application | Formidableforms | Formidable | 3.06.01 | |||
| Application | Formidableforms | Formidable | 3.06 | |||
| Application | Formidableforms | Formidable | 3.05 | |||
| Application | Formidableforms | Formidable | 3.04.03 |