solspace/craft-freeform Security Advisories for 5.0.1 (3)
-
[LOW] Freeform Craft Plugin CP UI (builder/integrations) has Stored Cross-Site Scripting (XSS) issue
PKSA-xc3n-vk9q-z5t5 GHSA-jp3q-wwp3-pwv9
Affected version: >=5.0.0,<=5.14.6
Reported by:
GitHub -
[LOW] solspace/craft-freeform Exposed to Known Axios Vulnerabilities via Precompiled Assets
PKSA-59fn-718f-htt1 GHSA-rwr8-xrpw-9qf5
Affected version: >=5.0.0-beta.1,<5.5.9|<4.1.22
Reported by:
GitHub -
[CRITICAL] The Freeform CraftCMS plugin contains an Server-side template injection (SSTI) vulnerability
PKSA-tpdv-c7w9-v16r CVE-2025-52122 GHSA-9hp3-f5g8-rccg
Affected version: >=5.0.0,<5.10.16
Reported by:
GitHub