cformsii_project CVE 脆弱性と CVE 一覧（9）

製品（CPE）: — CVE 件数: 9

cformsii_project 脆弱性概要

cformsii_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

公開された問題は vendor risk cross-site scripting、vendor risk sql injection, and vendor risk csrf に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact session compromise and vendor impact data exposure などの暴露リスクを伴う場合があります。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移（直近24か月）

CVE	概要	ソース	CVSS 最大値	EPSS（%）	公開	更新
CVE-2023-52203	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5.	[email protected]	5.9	0.12%	2024-01-08	2026-04-28
CVE-2023-25449	Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.	[email protected]	4.3	0.09%	2023-06-15	2024-11-21
CVE-2014-10393	The cforms2 plugin before 10.5 for WordPress has XSS.	[email protected]	6.1	0.19%	2019-08-22	2024-11-21
CVE-2014-10392	The cforms2 plugin before 10.2 for WordPress has XSS.	[email protected]	6.1	0.28%	2019-08-22	2024-11-21
CVE-2017-18570	The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.	[email protected]	9.8	0.55%	2019-08-22	2024-11-21
CVE-2015-9333	The cforms2 plugin before 14.6.10 for WordPress has SQL injection.	[email protected]	9.8	0.60%	2019-08-22	2024-11-21
CVE-2017-18559	The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.	[email protected]	6.1	0.21%	2019-08-21	2024-11-21
CVE-2014-10377	The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php.	[email protected]	6.1	0.19%	2019-08-21	2024-11-21
CVE-2019-15238	The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.	[email protected]	8.8	0.30%	2019-08-20	2024-11-21

cvelogic Threat Intelligence