Formidable Form Builder Vulnerabilities
The Formidable Form Builder WordPress plugin has 4 known security vulnerabilities, including 1 critical. The most recent was disclosed on December 16, 2022. Check whether your site runs an affected version below.
View Formidable Form Builder on WordPress.orgSummary
Latest vulnerability disclosed on December 16, 2022.
Recommendation
WPSentry recommends extreme caution
Only run Formidable Form Builder if it is updated to the latest patched release. This plugin has a history of 1 critical, potentially exploitable vulnerability. If you already use it, update immediately — or consider a safer alternative.
Is your site affected?
Run a free external scan to detect Formidable Form Builder and 35+ other WordPress security checks — no login or plugin required.
Known Formidable Form Builder vulnerabilities
- medium
Formidable Forms <= 5.5.4 - Authenticated (Admin+) Server-Side Request Forgery
Affected versions: <=5.5.4Disclosed December 16, 2022 - high
Formidable Form Builder < 2.05.03 - SQL Injection
Affected versions: <2.05.03Disclosed November 13, 2017 - medium
Formidable Form Builder < 2.05.03 - Reflected Cross-Site Scripting
Affected versions: <2.05.03Disclosed November 13, 2017 - critical
Formidable Form Builder <= 2.0.21 - Missing Authorization Checks
Affected versions: <=2.0.21Disclosed February 16, 2016
How to stay protected
Update promptly
Keep Formidable Form Builder on its latest release — most vulnerabilities are fixed in newer versions.
Scan regularly
Run an external scan after every update to catch outdated or vulnerable software early.
Monitor continuously
Enable monitoring to get alerted the moment a new issue affects your stack.