HTML Forms – Simple WordPress Forms Plugin

Vulnerabilities 9Slug html-formsLatest version 1.6.4WordPress.org →

Minimum safe version

1.6.1

Update to 1.6.1 or later to address 9 fixable vulnerabilities

Latest available1.6.4 ✓

Medium 6.1

2025-12-17< 1.6.1

CVE-2025-13861

Medium 4.4

2025-11-08< 1.5.6

CVE-2025-12125

Medium 5.4

2025-04-22< 1.5.3

CVE-2025-46236

High 7.1

2025-04-01< 1.5.2

CVE-2025-31080

High 7.1

2025-01-02< 1.4.2

CVE-2024-56060

Medium 6.5

2024-07-31< 1.3.34

CVE-2024-6412

Medium 4.8

2024-07-22< 1.3.33

CVE-2024-6243

Medium 5.9

2024-12-21< 1.3.30

WordPress HTML Forms Plugin <= 1.3.28 is vulnerable to Cross Site Scripting (XSS)

High 7.2

2022-11-28< 1.3.25

CVE-2022-3689