Visual Form Builder Vulnerabilities
The Visual Form Builder WordPress plugin has 3 known security vulnerabilities. The most recent was disclosed on May 15, 2015. Check whether your site runs an affected version below.
View Visual Form Builder on WordPress.orgSummary
Latest vulnerability disclosed on May 15, 2015.
Recommendation
WPSentry recommends installing with caution
Use Visual Form Builder only with care. This plugin has a history of high-severity vulnerabilities — always run the latest version and monitor it for newly disclosed issues.
Is your site affected?
Run a free external scan to detect Visual Form Builder and 35+ other WordPress security checks — no login or plugin required.
Known Visual Form Builder vulnerabilities
- high
Visual Form Builder <= 2.8.2 - Cross-Site Request Forgery to SQL Injection
Affected versions: <2.8.3Disclosed May 15, 2015 - high
Visual Form Builder <= 2.8.2 - Authenticated SQL Injection
Affected versions: <2.8.3Disclosed May 15, 2015 - medium
Visual Form Builder <= 2.8.2 - Reflected Cross-Site Scripting
Affected versions: <2.8.3Disclosed May 15, 2015
How to stay protected
Update promptly
Keep Visual Form Builder on its latest release — most vulnerabilities are fixed in newer versions.
Scan regularly
Run an external scan after every update to catch outdated or vulnerable software early.
Monitor continuously
Enable monitoring to get alerted the moment a new issue affects your stack.