Aggregates CVE and security vulnerability intelligence across all happyforms-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-10054 | The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | [email protected] | 4.8 | 0.17% | 2025-05-15 | 2025-06-04 |
| CVE-2024-44063 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0. | [email protected] | 6.5 | 0.16% | 2024-09-15 | 2024-09-27 |
| CVE-2024-23521 | Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10. | [email protected] | 5.3 | 0.11% | 2024-06-11 | 2024-11-21 |
| CVE-2023-48752 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms: from n/a through 1.25.9. | [email protected] | 7.1 | 0.19% | 2023-11-30 | 2026-04-28 |
| CVE-2023-0096 | The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. | [email protected] | 5.4 | 0.20% | 2023-02-06 | 2025-03-25 |