Medium 4.9
2026-05-06< 6.2.2
CVE-2026-6344
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder
Minimum safe version
6.2.2
Update to 6.2.2 or later to address 33 fixable vulnerabilities
Latest available6.2.2 ✓
Medium 6.5
2025-09-02< 6.1.2
Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder 5.1.16 - 6.1.1 - Authenticated (Subscriber+) PHP Object Injection To Arbitrary File Read
Medium 5.3
2026-04-16< 6.2.0
CVE-2026-4160
N/A
2026-02-09< 6.1.15
Fluent Forms <= 6.1.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting via AI Form Builder Module
Medium 4.3
2026-02-19< 6.1.15
CVE-2026-25313
Medium 5.3
2026-01-22< 6.1.12
CVE-2025-69001
Medium 5.3
2026-01-07< 6.1.8
CVE-2025-13722
Medium 5.3
2025-12-06< 6.1.8
CVE-2025-13748
Medium 6.4
2025-04-17< 6.0.3
Fluent Forms <= 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Medium 5.3
2025-03-22< 6.0.0
CVE-2024-13666
High 7.2
2024-12-14< 5.2.7
CVE-2024-10646
Medium 6.1
2024-12-09< 5.2.1
CVE-2024-9651
Medium 4.8
2024-10-07< 5.1.20
WordPress FluentForm Plugin <= 5.1.19 is vulnerable to Cross Site Scripting (XSS)
Medium 4.3
2024-09-03< 5.1.19
WordPress FluentForm Plugin <= 5.1.18 is vulnerable to Broken Access Control
Medium 4.8
2024-07-27< 5.1.20
CVE-2024-6521
Medium 4.8
2024-07-27< 5.1.20
CVE-2024-6518
Medium 5.4
2024-07-27< 5.1.20
CVE-2024-6703
Medium 4.8
2024-07-29< 5.1.20
WordPress FluentForm Plugin <= 5.1.19 is vulnerable to Cross Site Scripting (XSS)
High 8.8
2024-05-23< 5.1.16
WordPress FluentForm Plugin <= 5.1.15 is vulnerable to PHP Object Injection
Medium 5.4
2024-05-20< 5.1.17
WordPress FluentForm Plugin <= 5.1.16 is vulnerable to Cross Site Scripting (XSS)
Medium 5.4
2024-05-20< 5.1.14
WordPress FluentForm Plugin <= 5.1.13 is vulnerable to Cross Site Scripting (XSS)
Critical 9.8
2024-05-20< 5.1.17
WordPress FluentForm Plugin <= 5.1.16 is vulnerable to Privilege Escalation
High 7.5
2024-05-20< 5.1.17
WordPress FluentForm Plugin <= 5.1.16 is vulnerable to Broken Access Control
Medium 5.4
2024-03-13< 5.1.10
CVE-2023-6957
Medium 4.8
2024-01-27< 5.1.7
CVE-2024-0618
N/A
2024-01-19< 5.1.7
WordPress FluentForm Plugin <= 5.1.5 is vulnerable to Cross Site Scripting (XSS)
N/A
2024-01-18< 5.1.7
Fluent Forms <= 5.1.5 - Authenticated(Administrator+) Stored Cross-Site Scripting via imported form title
Medium 5.3
2024-12-13< 5.0.9
CVE-2023-41952
N/A
2023-09-08< 5.0.9
Contact Form for Plugin by Fluent Forms <= 5.0.8 - Insecure Direct Object Reference
Medium 5.5
2023-10-31< 5.0.0
CVE-2023-24410
Medium 5.4
2023-04-11< 4.3.25
WordPress FluentForm Plugin < 4.3.25 is vulnerable to Cross Site Scripting (XSS)
Critical 9.8
2022-11-07< 4.3.13
CVE-2022-3463
High 8.8
2021-07-07< 3.6.67
CVE-2021-34620