diff --git a/project/forms/admin_unit.py b/project/forms/admin_unit.py
index c689d3f..c4e7b93 100644
--- a/project/forms/admin_unit.py
+++ b/project/forms/admin_unit.py
@@ -11,10 +11,16 @@ from project.models import AdminUnitRelation, Image, Location
 
 
 class AdminUnitLocationForm(FlaskForm):
-    street = StringField(lazy_gettext("Street"), validators=[Optional()])
-    postalCode = StringField(lazy_gettext("Postal code"), validators=[DataRequired()])
-    city = StringField(lazy_gettext("City"), validators=[DataRequired()])
-    state = StringField(lazy_gettext("State"), validators=[Optional()])
+    street = StringField(
+        lazy_gettext("Street"), validators=[Optional(), Length(max=255)]
+    )
+    postalCode = StringField(
+        lazy_gettext("Postal code"), validators=[DataRequired(), Length(max=255)]
+    )
+    city = StringField(
+        lazy_gettext("City"), validators=[DataRequired(), Length(max=255)]
+    )
+    state = StringField(lazy_gettext("State"), validators=[Optional(), Length(max=255)])
     latitude = DecimalField(
         lazy_gettext("Latitude"), places=16, validators=[Optional()]
     )
@@ -43,10 +49,10 @@ class BaseAdminUnitForm(FlaskForm):
             ),
         ],
     )
-    url = URLField(lazy_gettext("Link URL"), validators=[Optional()])
-    email = EmailField(lazy_gettext("Email"), validators=[Optional()])
-    phone = TelField(lazy_gettext("Phone"), validators=[Optional()])
-    fax = TelField(lazy_gettext("Fax"), validators=[Optional()])
+    url = URLField(lazy_gettext("Link URL"), validators=[Optional(), Length(max=255)])
+    email = EmailField(lazy_gettext("Email"), validators=[Optional(), Length(max=255)])
+    phone = TelField(lazy_gettext("Phone"), validators=[Optional(), Length(max=255)])
+    fax = TelField(lazy_gettext("Fax"), validators=[Optional(), Length(max=255)])
     logo = FormField(Base64ImageForm, lazy_gettext("Logo"), default=lambda: Image())
     location = FormField(AdminUnitLocationForm, default=lambda: Location())
 
@@ -107,7 +113,9 @@ class UpdateAdminUnitForm(BaseAdminUnitForm):
 
 
 class UpdateAdminUnitWidgetForm(FlaskForm):
-    widget_font = StringField(lazy_gettext("Font"), validators=[Optional()])
+    widget_font = StringField(
+        lazy_gettext("Font"), validators=[Optional(), Length(max=255)]
+    )
     widget_background_color = StringField(
         lazy_gettext("Background Color"),
         default="#ffffff",
diff --git a/project/forms/admin_unit_member.py b/project/forms/admin_unit_member.py
index f2b2eaf..4f17bd0 100644
--- a/project/forms/admin_unit_member.py
+++ b/project/forms/admin_unit_member.py
@@ -2,13 +2,15 @@ from flask_babel import lazy_gettext
 from flask_wtf import FlaskForm
 from wtforms import SubmitField
 from wtforms.fields import EmailField
-from wtforms.validators import DataRequired
+from wtforms.validators import DataRequired, Length
 
 from project.forms.widgets import MultiCheckboxField
 
 
 class InviteAdminUnitMemberForm(FlaskForm):
-    email = EmailField(lazy_gettext("Email"), validators=[DataRequired()])
+    email = EmailField(
+        lazy_gettext("Email"), validators=[DataRequired(), Length(max=255)]
+    )
     roles = MultiCheckboxField(lazy_gettext("Roles"))
     submit = SubmitField(lazy_gettext("Invite"))
 
diff --git a/project/forms/common.py b/project/forms/common.py
index 6610737..11911a1 100644
--- a/project/forms/common.py
+++ b/project/forms/common.py
@@ -3,7 +3,7 @@ from flask_babel import lazy_gettext
 from flask_wtf import FlaskForm
 from markupsafe import Markup
 from wtforms import HiddenField, StringField
-from wtforms.validators import Optional
+from wtforms.validators import Length, Optional
 
 from project.imageutils import (
     get_bytes_from_image,
@@ -17,7 +17,7 @@ from project.imageutils import (
 
 class BaseImageForm(FlaskForm):
     copyright_text = StringField(
-        lazy_gettext("Copyright text"), validators=[Optional()]
+        lazy_gettext("Copyright text"), validators=[Optional(), Length(max=255)]
     )
 
 
diff --git a/project/forms/event.py b/project/forms/event.py
index 71b71ed..c8252eb 100644
--- a/project/forms/event.py
+++ b/project/forms/event.py
@@ -101,12 +101,12 @@ class OrganizerForm(EventPlaceForm):
 class EventOrganizerForm(FlaskForm):
     name = StringField(
         lazy_gettext("Organizator"),
-        validators=[Optional()],
+        validators=[Optional(), Length(max=255)],
     )
-    url = URLField(lazy_gettext("Link URL"), validators=[Optional()])
-    email = EmailField(lazy_gettext("Email"), validators=[Optional()])
-    phone = StringField(lazy_gettext("Phone"), validators=[Optional()])
-    fax = StringField(lazy_gettext("Fax"), validators=[Optional()])
+    url = URLField(lazy_gettext("Link URL"), validators=[Optional(), Length(max=255)])
+    email = EmailField(lazy_gettext("Email"), validators=[Optional(), Length(max=255)])
+    phone = StringField(lazy_gettext("Phone"), validators=[Optional(), Length(max=255)])
+    fax = StringField(lazy_gettext("Fax"), validators=[Optional(), Length(max=255)])
 
 
 class SharedEventForm(FlaskForm):
@@ -122,14 +122,14 @@ class SharedEventForm(FlaskForm):
     )
     external_link = URLField(
         lazy_gettext("Link URL"),
-        validators=[Optional()],
+        validators=[Optional(), Length(max=255)],
         description=lazy_gettext(
             "Enter a link to an external website containing more information about the event."
         ),
     )
     ticket_link = URLField(
         lazy_gettext("Ticket Link URL"),
-        validators=[Optional()],
+        validators=[Optional(), Length(max=255)],
         description=lazy_gettext("Enter a link where tickets can be purchased."),
     )
     tags = StringField(
diff --git a/project/forms/event_place.py b/project/forms/event_place.py
index 52f5d97..e4262d4 100644
--- a/project/forms/event_place.py
+++ b/project/forms/event_place.py
@@ -2,17 +2,21 @@ from flask_babel import lazy_gettext
 from flask_wtf import FlaskForm
 from wtforms import DecimalField, FormField, StringField, SubmitField, TextAreaField
 from wtforms.fields import URLField
-from wtforms.validators import DataRequired, Optional
+from wtforms.validators import DataRequired, Length, Optional
 
 from project.forms.common import Base64ImageForm
 from project.models import Image, Location
 
 
 class EventPlaceLocationForm(FlaskForm):
-    street = StringField(lazy_gettext("Street"), validators=[Optional()])
-    postalCode = StringField(lazy_gettext("Postal code"), validators=[Optional()])
-    city = StringField(lazy_gettext("City"), validators=[Optional()])
-    state = StringField(lazy_gettext("State"), validators=[Optional()])
+    street = StringField(
+        lazy_gettext("Street"), validators=[Optional(), Length(max=255)]
+    )
+    postalCode = StringField(
+        lazy_gettext("Postal code"), validators=[Optional(), Length(max=255)]
+    )
+    city = StringField(lazy_gettext("City"), validators=[Optional(), Length(max=255)])
+    state = StringField(lazy_gettext("State"), validators=[Optional(), Length(max=255)])
     latitude = DecimalField(
         lazy_gettext("Latitude"), places=16, validators=[Optional()]
     )
@@ -22,8 +26,10 @@ class EventPlaceLocationForm(FlaskForm):
 
 
 class BaseEventPlaceForm(FlaskForm):
-    name = StringField(lazy_gettext("Name"), validators=[DataRequired()])
-    url = URLField(lazy_gettext("Link URL"), validators=[Optional()])
+    name = StringField(
+        lazy_gettext("Name"), validators=[DataRequired(), Length(max=255)]
+    )
+    url = URLField(lazy_gettext("Link URL"), validators=[Optional(), Length(max=255)])
     photo = FormField(Base64ImageForm, lazy_gettext("Photo"), default=lambda: Image())
     description = TextAreaField(lazy_gettext("Description"), validators=[Optional()])
     location = FormField(EventPlaceLocationForm)
diff --git a/project/forms/event_suggestion.py b/project/forms/event_suggestion.py
index fd4eca0..76ad3ef 100644
--- a/project/forms/event_suggestion.py
+++ b/project/forms/event_suggestion.py
@@ -8,7 +8,7 @@ from wtforms import (
     SubmitField,
 )
 from wtforms.fields import EmailField, TelField
-from wtforms.validators import DataRequired, Optional
+from wtforms.validators import DataRequired, Length, Optional
 
 from project.forms.common import get_accept_tos_markup
 from project.forms.event import EventDateDefinitionFormMixin, SharedEventForm
@@ -24,19 +24,19 @@ from project.models import (
 class CreateEventSuggestionForm(SharedEventForm, EventDateDefinitionFormMixin):
     contact_name = StringField(
         lazy_gettext("Name"),
-        validators=[DataRequired()],
+        validators=[DataRequired(), Length(max=255)],
         description=lazy_gettext("Please enter your name for the review."),
     )
     contact_phone = TelField(
         lazy_gettext("Phone"),
-        validators=[Optional()],
+        validators=[Optional(), Length(max=255)],
         description=lazy_gettext(
             "Please enter your phone number or email address for the review."
         ),
     )
     contact_email = EmailField(
         lazy_gettext("Email"),
-        validators=[Optional()],
+        validators=[Optional(), Length(max=255)],
         description=lazy_gettext(
             "Please enter your email address or phone number for the review."
         ),
diff --git a/project/forms/organizer.py b/project/forms/organizer.py
index aee39da..4e75d38 100644
--- a/project/forms/organizer.py
+++ b/project/forms/organizer.py
@@ -2,17 +2,21 @@ from flask_babel import lazy_gettext
 from flask_wtf import FlaskForm
 from wtforms import DecimalField, FormField, StringField, SubmitField
 from wtforms.fields import EmailField, TelField, URLField
-from wtforms.validators import DataRequired, Optional
+from wtforms.validators import DataRequired, Length, Optional
 
 from project.forms.common import Base64ImageForm
 from project.models import Image, Location
 
 
 class OrganizerLocationForm(FlaskForm):
-    street = StringField(lazy_gettext("Street"), validators=[Optional()])
-    postalCode = StringField(lazy_gettext("Postal code"), validators=[Optional()])
-    city = StringField(lazy_gettext("City"), validators=[Optional()])
-    state = StringField(lazy_gettext("State"), validators=[Optional()])
+    street = StringField(
+        lazy_gettext("Street"), validators=[Optional(), Length(max=255)]
+    )
+    postalCode = StringField(
+        lazy_gettext("Postal code"), validators=[Optional(), Length(max=255)]
+    )
+    city = StringField(lazy_gettext("City"), validators=[Optional(), Length(max=255)])
+    state = StringField(lazy_gettext("State"), validators=[Optional(), Length(max=255)])
     latitude = DecimalField(
         lazy_gettext("Latitude"), places=16, validators=[Optional()]
     )
@@ -22,10 +26,12 @@ class OrganizerLocationForm(FlaskForm):
 
 
 class BaseOrganizerForm(FlaskForm):
-    name = StringField(lazy_gettext("Name"), validators=[DataRequired()])
-    url = URLField(lazy_gettext("Link URL"), validators=[Optional()])
-    email = EmailField(lazy_gettext("Email"), validators=[Optional()])
-    phone = TelField(lazy_gettext("Phone"), validators=[Optional()])
+    name = StringField(
+        lazy_gettext("Name"), validators=[DataRequired(), Length(max=255)]
+    )
+    url = URLField(lazy_gettext("Link URL"), validators=[Optional(), Length(max=255)])
+    email = EmailField(lazy_gettext("Email"), validators=[Optional(), Length(max=255)])
+    phone = TelField(lazy_gettext("Phone"), validators=[Optional(), Length(max=255)])
     fax = TelField(lazy_gettext("Fax"), validators=[Optional()])
     logo = FormField(Base64ImageForm, lazy_gettext("Logo"), default=lambda: Image())
     location = FormField(OrganizerLocationForm)