Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder

2021-07-15

Form Maker < 1.13.60 - Authenticated Stored XSS

fixed in version 1.13.60✓

2020-07-12

Form Maker by 10Web < 1.13.40 - Authenticated Reflected XSS

fixed in version 1.13.40✓

2020-05-26

Form Maker by 10Web < 1.13.36 - Authenticated SQL Injection

fixed in version 1.13.36✓

2019-05-10

Form Maker by 10Web < 1.13.3 - Authenticated SQL Injection

fixed in version 1.13.3✓

2019-04-05

Form Maker by 10Web < 1.13.5 - Cross-Site Request Forgery (CSRF) to LFI

fixed in version 1.13.5✓

2018-05-01

Form Maker by WD < 1.12.24 - CSV Injection

fixed in version 1.12.24✓

2014-08-01

Form Maker 1.6.4 - front_end_form_maker.php Unspecified XSS

fixed in version 1.6.6✓

Is this your WordPress plugin?

We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.