CVE-2025-13722

Name of the Vulnerable Software and Affected Versions Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress versions through 6.1.7

Description The Fluent Forms plugin for WordPress is affected by a missing authorization issue. Capability checks are absent on the fluentform ai create form AJAX action, allowing authenticated attackers with Subscriber-level access or higher to create arbitrary forms through the AI builder.

Recommendations Update to a version beyond 6.1.7.