Product
cmsmadesimple form builder
10 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-0749
CVE-2023-23796
CVE-2023-23795
CVE-2022-0830
CVE-2021-24513
CVE-2016-10910
CVE-2012-6715
CVE-2017-6072
CVE-2017-6071
CVE-2017-6070
>= 7.x-1.0 and <= 7.x-1.22
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal Form Builder allows C
<= 1.9.9.0
Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.T
<= 1.9.9.0
Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Form Builder plugin <= 1.9.9.0 versions.
<= 1.08
The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and do
< 1.9.8.4
The Form Builder | Create Responsive Contact Forms WordPress plugin before 1.9.8.4 does not sanitise or escape its Form Title, all
< 1.06
The formbuilder plugin before 1.06 for WordPress has multiple XSS issues.
< 0.9.1
The formbuilder plugin before 0.9.1 for WordPress has XSS via a Referer header.
<= 0.8.1.5
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks
<= 0.8.1.5
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks
<= 0.8.1.5
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_fo