Known Vulnerabilities for products from Wpforms
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Wpforms".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40764 json | Not Provided | 2026-04-15 | 2026-04-15 | |
| CVE-2026-32527 json | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-32446 json | Not Provided | 2026-03-13 | 2026-04-01 | |
| CVE-2026-25430 json | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-25339 json | Not Provided | 2026-03-25 | 2026-03-26 | |
| CVE-2026-3831 json | Not Provided | 2026-04-01 | 2026-04-01 | |
| CVE-2026-2599 json | Not Provided | 2026-03-05 | 2026-04-08 | |
| CVE-2026-2568 json | Not Provided | 2026-03-03 | 2026-04-08 | |
| CVE-2025-67570 json | Not Provided | 2025-12-09 | 2026-04-01 | |
| CVE-2025-60082 json | Not Provided | 2025-12-18 | 2026-04-01 | |
| CVE-2024-56276 json | Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configu... | Not Provided | 2025-01-07 | 2026-04-01 |
| CVE-2023-30500 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPForms WPForms Lite (wpforms-lite), WPForms WPForms Pro (wpfor... | 6.1 - MEDIUM | 2023-06-22 | 2023-06-28 |
| CVE-2023-7063 json | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPForms WPForms Lite (wpforms-lite), WPForms WPForms Pro (wpfor... | 6.1 - MEDIUM | 2024-01-20 | 2024-01-30 |
| CVE-2023-3213 json | The WP Mail SMTP Pro plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on t... | Not Provided | 2023-10-04 | 2026-04-08 |
| CVE-2022-3574 json | The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could l... | 9.8 - CRITICAL | 2022-11-14 | 2022-11-16 |
| CVE-2020-10385 json | A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms-lite) plugin before 1.5.9 f... | 5.4 - MEDIUM | 2020-03-24 | 2022-10-06 |
| CVE-2019-25145 json | The Contact Form & SMTP Plugin by PirateForms plugin for WordPress is vulnerable to HTML injection in the ‘public/class-pir... | Not Provided | 2023-06-07 | 2026-04-08 |
Known software with vulnerabilities from Wpforms
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Wpforms | Contact Form | 1.5.9 |