GCVE - cpe:2.3:a:roxnor:metform:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:roxnor:metform:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Roxnor (`30f963bc-c503-5cb4-ba58-0f6bd7aae986`)
Product	Metform (`2d5c9603-9589-50ad-b919-613432098f04`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-30914`	vulnerable	2026-06-03 15:00:29.828963	WordPress Metform Elementor Contact Form Builder plugin <= 3.9.7 - Server Side Request Forgery (SSRF) vulnerability MEDIUM (4.4) Server-Side Request Forgery (SSRF) vulnerability in Roxnor Metform metform allows Server Side Request Forgery.This issue affects Metform: from n/a through <= 3.9.2. Published: 2025-03-27T10:55:54.526Z Updated: 2026-04-28T16:12:00.361Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/metform/vulnerability/wordpress-metform-elementor-contact-form-builder-plugin-3-9-2-server-side-request-forgery-ssrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-33570`	vulnerable	2026-06-03 14:55:52.577789	WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability MEDIUM (4.3) Missing Authorization vulnerability in Roxnor Metform metform.This issue affects Metform: from n/a through <= 3.8.3. Published: 2024-05-06T19:26:14.683Z Updated: 2026-05-11T20:59:37.710Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/metform/vulnerability/wordpress-metform-plugin-3-8-3-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-50903`	vulnerable	2026-06-03 14:53:31.701707	WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability MEDIUM (5.3) Missing Authorization vulnerability in Roxnor Metform metform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform: from n/a through <= 3.4.0. Published: 2024-12-09T11:29:52.850Z Updated: 2026-04-29T09:51:52.500Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Plugin/metform/vulnerability/wordpress-metform-elementor-contact-form-builder-plugin-3-4-0-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.