📦 Forminator Forms

by Wpmudev

🔍 What is Forminator Forms?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-10402

HIGH CVSS 7.5 Oct 26, 2024

The Forminator WordPress plugin has an authorization bypass vulnerability that allows authenticated users with Contributor-level access or higher to create/edit forms and modify user registration form...

CVE-2025-3487

MEDIUM CVSS 6.4 Apr 17, 2025

This vulnerability allows authenticated WordPress users with Contributor-level access or higher to inject malicious JavaScript into forms created with the Forminator plugin. The injected scripts execu...

CVE-2024-7052

MEDIUM CVSS 4.8 Feb 14, 2025

This vulnerability allows administrators in WordPress multisite installations to inject malicious scripts into Forminator Forms plugin settings. The stored XSS payload executes when other users view t...

CVE-2025-0470

MEDIUM CVSS 6.1 Jan 31, 2025

This vulnerability allows unauthenticated attackers to execute reflected cross-site scripting (XSS) attacks via the title parameter in the Forminator WordPress plugin. Attackers can inject malicious s...

CVE-2024-9352

MEDIUM CVSS 4.3 Oct 17, 2024

This CSRF vulnerability in the Forminator WordPress plugin allows unauthenticated attackers to create draft forms by tricking administrators into clicking malicious links. All WordPress sites using Fo...