GCVE - cpe:2.3:a:techjewel:contact_form_plugin_by_fluent_forms_for_quiz,_survey,_and_drag_&_drop_wp_form

Approved changes feed: RSS · Atom

cpe:2.3:a:techjewel:contact_form_plugin_by_fluent_forms_for_quiz,_survey,_and_drag_&_drop_wp_form_builder:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Techjewel (`8c1c7a9c-9004-5a05-90f7-99f2e51aad2b`)
Product	Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop Wp Form Builder (`2b3be5a7-a310-5ce2-92a0-4c903a56b2d4`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-4709`	vulnerable	2026-06-08 06:50:18.469870	Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting MEDIUM (6.4) The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, and access granted by an administrator, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Published: 2024-05-18T07:38:34.748Z Updated: 2026-04-08T16:56:28.315Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/5fe317a6-a391-441a-aac8-c8fa57e73169?source=cve https://plugins.trac.wordpress.org/browser/fluentform/trunk/app/Services/FormBuilder/Notifications/EmailNotification.php#L106 https://plugins.trac.wordpress.org/browser/fluentform/trunk/app/Services/FormBuilder/Notifications/EmailNotification.php#L164 https://plugins.trac.wordpress.org/browser/fluentform/trunk/app/Services/FormBuilder/Notifications/EmailNotification.php#L194 https://plugins.trac.wordpress.org/changeset/3088078/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Contact Form Plugin By Fluent Forms For Quiz, Survey, And Drag & Drop Wp Form Builder

PURL mappings

Vulnerability references

Contribute