Browse all 3 CVE security advisories affecting Strategy11 Form Builder Team. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Strategy11 Form Builder Team develops WordPress form plugins primarily used for creating and managing user-submitted content on websites. Historically, their products have been vulnerable to cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. The team has addressed multiple security issues, with three CVEs currently on record, including critical RCE vulnerabilities in versions prior to 1.7.5. While no major public security incidents have been documented, their plugin history demonstrates a pattern of security vulnerabilities that required timely patches to prevent potential website compromises.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-45806 | WordPress Formidable Forms plugin <= 5.5.4 - Broken Access Control vulnerability — Formidable FormsCWE-862 | 4.3 | Medium | 2024-12-13 |
| CVE-2024-23522 | WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability — Formidable FormsCWE-80 | 5.3 | Medium | 2024-05-17 |
| CVE-2023-24419 | WordPress Formidable Forms Plugin <= 5.5.6 is vulnerable to Cross Site Request Forgery (CSRF) — Formidable FormsCWE-352 | 7.1 | High | 2023-02-28 |
This page lists every published CVE security advisory associated with Strategy11 Form Builder Team. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.