Product
reputeinfosystems arforms
12 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-10504
CVE-2024-54217
CVE-2024-54216
CVE-2024-0427
CVE-2024-32705
CVE-2024-32704
CVE-2024-32703
CVE-2024-4621
CVE-2024-4620
CVE-2024-32702
CVE-2024-32706
CVE-2019-16902
< 1.7.1
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters wh
<= 6.4.1
Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.1.
<= 6.4.1
Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms allows Path Traversal.This issue affects ARForms: f
< 6.4.1
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input w
< 6.4.1
Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.
< 6.4.1
Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.
< 6.4.1
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in reputeinfosystems ARForms arforms.
< 6.6
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings,
< 6.6
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded fi
< 6.4.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARForms ar
< 6.4.1
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARForms ar
all versions
In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary