Vulnerabilities in techjewel
43 resultsCVE-2024-2771CRITICALContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Settings Update and Limited Privilege EscalationEPSS 2.3%CVE-2024-2782HIGHContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting ManipulationEPSS 1.2%CVE-2024-9511CRITICALFluentSMTP – WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider <= 2.2.82 - Unauthenticated PHP Object InjectionEPSS 1.1%CVE-2023-1430MEDIUMFluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization ControlEPSS 0.8%CVE-2024-4157HIGHContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.15 - PHP Object Injection via extractDynamicValuesEPSS 0.7%CVE-2026-7798MEDIUMFluentCRM <= 2.9.87 - Unauthenticated Blind Server-Side Request Forgery via 'SubscribeURL' ParameterEPSS 0.6%CVE-2026-6344MEDIUMFluent Forms <= 6.2.1 - Authenticated (Administrator+) Arbitrary File Read via Path Traversal in Email AttachmentEPSS 0.6%CVE-2024-0618MEDIUMFluent Forms <= 5.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting via imported form titleEPSS 0.5%CVE-2025-9260MEDIUMFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder 5.1.16 - 6.1.1 - Authenticated (Subscriber+) PHP Object Injection To Arbitrary File ReadEPSS 0.5%CVE-2023-3087HIGHFluentSMTP <= 2.2.4 - Unauthenticated Stored Cross-Site Scripting via Email SubjectEPSS 0.5%CVE-2025-2939MEDIUMNinja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated PHP Object Injection to Limited Remote Code ExecutionEPSS 0.5%CVE-2024-5053MEDIUMContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.18 - Missing Authorization to Authenticated (Subscriber+) Mailchimp Integration ModificationEPSS 0.4%CVE-2024-13568HIGHFluent Support – Helpdesk & Customer Support Ticket System <= 1.8.5 - Unauthenticated Sensitive Information Exposure Through Unprotected DirectoryEPSS 0.4%CVE-2024-4709MEDIUMContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2023-6957MEDIUMFluent Forms <= 5.1.9 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-9528MEDIUMContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Form Manager+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-7304MEDIUMNinja Tables – Easiest Data Table Builder <= 5.0.12 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File UploadEPSS 0.4%CVE-2024-10646HIGHContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form SubjectEPSS 0.3%CVE-2026-4160MEDIUMFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status ModificationEPSS 0.3%CVE-2024-6703MEDIUMContact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Welcome Screen FieldsEPSS 0.3%