cbcvebase.

Piotnetdotcom Piotnet Forms vulnerabilities

5 known vulnerabilities affecting piotnetdotcom/piotnet_forms.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3LOW1

Vulnerabilities

Page 1 of 1
CVE-2023-6220P2CRITICALCVSS 9.8≤ 1.0.282024-01-11
CVE-2023-6220 [CRITICAL] CWE-434 CVE-2023-6220: The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient f The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'piotnetforms_ajax_form_builder' function in versions up to, and including, 1.0.28. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code exec
nvd
CVE-2025-31792P4MEDIUMCVSS 5.9≤ 1.0.302025-04-01
CVE-2025-31792 [MEDIUM] CWE-79 CVE-2025-31792: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
nvd
CVE-2025-31793P4MEDIUMCVSS 5.9≤ 1.0.302025-04-01
CVE-2025-31793 [MEDIUM] CWE-79 CVE-2025-31793: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
nvd
CVE-2025-57933P4MEDIUMCVSS 4.3≤ 1.0.302025-09-22
CVE-2025-57933 [MEDIUM] CWE-352 CVE-2025-57933: Cross-Site Request Forgery (CSRF) vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows C Cross-Site Request Forgery (CSRF) vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Cross Site Request Forgery.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
nvd
CVE-2025-32205P4LOWCVSS 2.7≤ 1.0.302025-04-10
CVE-2025-32205 [LOW] CWE-22 CVE-2025-32205: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in piot Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in piotnetdotcom Piotnet Forms piotnetforms.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
nvd
Piotnetdotcom Piotnet Forms vulnerabilities | cvebase