Form maker

This hub aggregates every CVE we track for Form maker, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Form maker.

• CVE-2018-25346WordPress Form Maker Plugin 1.12.24 SQL Injection via admin-ajax.php7.1May 23, 2026
• CVE-2024-13053Form Maker by 10Web < 1.15.33 - Admin+ Stored XSS via Theme Title4.8May 15, 2025
• CVE-2024-10680Form Maker by 10Web < 1.15.32 - Admin+ Stored XSS4.8Apr 16, 2025
• CVE-2024-10560Form Maker by 10Web < 1.15.30 - Admin+ Stored XSS3.5Mar 25, 2025
• CVE-2024-10558Form Maker by 10Web < 1.15.30 - Admin+ Stored XSS3.5Mar 24, 2025
• CVE-2024-13605Form Maker by 10Web < 1.15.33 - Admin+ Stored XSS4.8Feb 24, 2025
• CVE-2024-10562Form Maker by 10Web < 1.15.31 - Admin+ Stored XSS2.7Jan 7, 2025
• CVE-2024-10265Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.30 - Reflected Cross-Site Scripting via add_query_arg Parameter6.1Nov 10, 2024
• CVE-2024-8633Form Maker <= 1.15.27 - Authenticated (Administrator+) Stored Cross-Site Scripting5.5Sep 26, 2024
• CVE-2024-43220WordPress Form Maker by 10Web plugin <= 1.15.26 - Reflected Cross Site Scripting (XSS) vulnerability7.1Aug 12, 2024
• CVE-2024-6130Form Maker by 10Web < 1.15.26 - Admin+ Stored XSS4.8Jul 1, 2024
• CVE-2023-48290WordPress Form Maker by 10Web plugin <= 1.15.20 - Captcha Bypass Vulnerability vulnerability5.3Jun 4, 2024
• CVE-2024-34437WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability5.9May 9, 2024
• CVE-2024-2258Form Maker by 10Web <= 1.15.24 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting4.4Apr 27, 2024
• CVE-2024-32534WordPress Form Maker plugin <= 1.15.23 - Cross Site Scripting (XSS) vulnerability5.9Apr 17, 2024