|Form Maker by 10Web <= 1.15.19 - Unauthenticated Arbitrary File Upload||CVE-2023-4666||dc11||September 7, 2023|
|Form Maker <= 1.15.16 - Missing Authorization in check_score||June 14, 2023|
|Form Maker <= 1.15.5 - Authenticated (Administrator+) SQL Injection||CVE-2022-3300||Nguyen Duy Quoc Khanh||September 29, 2022|
|Form Maker <= 1.14.11 - Stored Cross-Site Scripting||CVE-2022-1564||Abhinav Porwal, Hitesh Kumar||May 9, 2022|
|Form Maker <= 1.13.59 - Authenticated Stored Cross-Site Scripting||CVE-2021-24526||Felipe Restrepo Rodriguez||July 15, 2021|
|Form Maker by 10Web < 1.13.40 - Reflected Cross-Site Scripting||Andy Tyler||July 12, 2020|
|Form Maker by 10Web <= 1.13.35 - SQL Injection||Vu Tien Hoa||May 26, 2020|
|Form Maker by 10Web <= 1.13.2 - Authenticated SQL Injection||CVE-2019-10866||Daniele Scanu||May 10, 2019|
|Form Maker by 10Web <= 1.13.4 - Cross-Site Request Forgery to Local File Inclusion||CVE-2019-11590||p4n||April 5, 2019|
|Form Maker by 10Web <= 1.12.21 - CSV Injection||CVE-2018-10504||Jetty Sairam||April 27, 2018|
All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.
Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.
The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.Documentation