Vulnerabilities (CVE)

Filtered by vendor Happyforms Subscribe
Filtered by product Happyforms
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-48752 1 Happyforms 1 Happyforms 2023-12-06 N/A 6.1 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms: from n/a through 1.25.9.
CVE-2023-0096 1 Happyforms 1 Happyforms 2023-11-07 N/A 5.4 MEDIUM
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.