Crmperks Crm Perks Forms
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Crmperks Crm Perks Forms.
By the Year
In 2026 there have been 0 vulnerabilities in Crmperks Crm Perks Forms. Crm Perks Forms did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 6 | 7.67 |
| 2023 | 2 | 5.25 |
It may take a day or so for new Crm Perks Forms vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Crmperks Crm Perks Forms Security Vulnerabilities
Missing Auth in CRM Perks Forms (1.1.5) via unrestricted ACLs
CVE-2024-37463
9.8 - Critical
- November 01, 2024
Missing Authorization vulnerability in CRM Perks CRM Perks Forms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CRM Perks Forms: from n/a through 1.1.5.
AuthZ
CRM Perks Forms 1.1.3 Or Earlier: Arb File Upload via handle_uploaded_files
CVE-2024-7484
7.2 - High
- August 06, 2024
The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'handle_uploaded_files' function in versions up to, and including, 1.1.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Unrestricted File Upload
CRM Perks Forms Stored XSS CVE-2024-30446 Affected before v1.1.4
CVE-2024-30446
5.4 - Medium
- March 29, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms allows Stored XSS.This issue affects CRM Perks Forms: from n/a through 1.1.4.
XSS
SQLi in CRM Perks Forms pre-1.1.5
CVE-2024-30499
8.8 - High
- March 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4.
SQL Injection
SQL Injection in CRM Perks Forms 1.1.4 due to Improper Neutralization
CVE-2024-30498
10 - Critical
- March 29, 2024
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4.
SQL Injection
CrossSite Scripting in CRM Perks Forms WordPress Form Builder <=1.1.2
CVE-2023-51536
4.8 - Medium
- February 01, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms WordPress Form Builder: from n/a through 1.1.2.
XSS
Stored XSS in Perks Forms WP Plugin v1.1.1 via form settings
CVE-2023-2836
4.4 - Medium
- May 31, 2023
The CRM Perks Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
XSS
CRM Perks Forms <=1.1.0 WordPress Form Builder Reflected XSS
CVE-2022-38467
6.1 - Medium
- January 14, 2023
Reflected Cross-Site Scripting (XSS) vulnerability in CRM Perks Forms WordPress Form Builder <= 1.1.0 ver.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Crmperks Crm Perks Forms or by Crmperks? Click the Watch button to subscribe.
