Hassantafreshi Easy Form Builder vulnerabilities
4 known vulnerabilities affecting hassantafreshi/easy_form_builder.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2025-54678P2CRITICALCVSS 9.3≤ 3.8.152025-08-14
CVE-2025-54678 [CRITICAL] CWE-89 CVE-2025-54678: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through <= 3.8.15.
nvd
CVE-2026-42747P2CRITICALCVSS 9.3≤ 4.0.62026-05-27
CVE-2026-42747 [CRITICAL] CWE-89 CVE-2026-42747: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through <= 4.0.6.
nvd
CVE-2025-67577P4MEDIUMCVSS 5.3≤ 3.8.202025-12-09
CVE-2025-67577 [MEDIUM] CWE-862 CVE-2025-67577: Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exp
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.8.20.
nvd
CVE-2026-22472P4MEDIUMCVSS 4.3≤ 3.9.62026-01-22
CVE-2026-22472 [MEDIUM] CWE-862 CVE-2026-22472: Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exp
Missing Authorization vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form Builder: from n/a through <= 3.9.6.
nvd