Lucene search
K

230 matches found

Vulnrichment
Vulnrichment
added 2024/06/09 5:10 p.m.17 views

CVE-2024-32705 WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary Plugin Activation/Deactivation Vulnerability

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.1CVSS5.1AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/09 5:10 p.m.34 views

CVE-2024-32705 WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary Plugin Activation/Deactivation Vulnerability

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.1CVSS0.00382EPSS
Exploits0References1
CVE
CVE
added 2024/06/09 5:10 p.m.68 views

CVE-2024-32705

Technical details about CVE-2024-32705 are not provided in the supplied documents. Monitor official advisories and updates from vendors and CVE repositories for new information.

8.8CVSS5.9AI score0.00382EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/09 12:0 a.m.7 views

PT-2024-24791 · Repute Infosystems · Arforms

Name of the Vulnerable Software and Affected Versions: reputeinfosystems ARForms versions n/a through 6.4 Description: The issue is related to a Missing Authorization vulnerability in reputeinfosystems ARForms. Recommendations: For versions n/a through 6.4, at the moment, there is no information...

7.1CVSS6.5AI score0.00335EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.5 views

WordPress plugin ARForms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.1CVSS6.7AI score0.00335EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.5 views

WordPress plugin ARForms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.8CVSS6.7AI score0.00382EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.5 views

WordPress plugin ARForms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

8.1CVSS6.7AI score0.00577EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/09 12:0 a.m.8 views

PT-2024-24790 · Repute Infosystems · Arforms

Name of the Vulnerable Software and Affected Versions: ARForms versions n/a through 6.4 Description: A Missing Authorization issue affects reputeinfosystems ARForms. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents...

8.1CVSS6.7AI score0.00577EPSS
Exploits0References8
Patchstack
Patchstack
added 2024/06/07 8:7 a.m.5 views

WordPress ArForms Premium plugin < 6.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin ARForms versions 6.6...

4.8CVSS6.1AI score0.00351EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/06/07 8:6 a.m.5 views

WordPress ArForms Premium plugin < 6.6 - Unauthenticated RCE vulnerability

Unauthenticated RCE vulnerability discovered by mgthuramoemyint in WordPress Plugin ARForms versions 6.6...

9.8CVSS7AI score0.03345EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2024/06/07 6:15 a.m.3 views

CVE-2024-4621

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

4.8CVSS5.8AI score0.00351EPSS
Exploits2References1
OSV
OSV
added 2024/06/07 6:15 a.m.5 views

CVE-2024-4620

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form...

9.8CVSS5.8AI score0.03345EPSS
Exploits2References1
NVD
NVD
added 2024/06/07 6:15 a.m.34 views

CVE-2024-4621

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

4.8CVSS0.00351EPSS
Exploits2References1
CVE
CVE
added 2024/06/07 6:0 a.m.73 views

CVE-2024-4621

CVE-2024-4621 affects ARForms – Premium WordPress Form Builder Plugin prior to version 6.6. The issue is a Stored XSS vulnerability caused by insufficient sanitisation/escaping of certain plugin settings, potentially allowing high-privilege users (e.g., admins) to inject scripts even when unfilte...

4.8CVSS4.9AI score0.00351EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/07 6:0 a.m.22 views

CVE-2024-4620 ArForms < 6.6 - Unauthenticated RCE

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form...

7AI score0.03345EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/07 6:0 a.m.30 views

CVE-2024-4620 ArForms < 6.6 - Unauthenticated RCE

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file input is included on a form...

0.03345EPSS
Exploits2References1
CVE
CVE
added 2024/06/07 6:0 a.m.99 views

CVE-2024-4620

CVE-2024-4620 concerns ARForms – Premium WordPress Form Builder Plugin. The vulnerability affects versions prior to 6.6 and allows unauthenticated users to modify uploaded files in a form so that PHP code can be uploaded, enabling remote code execution on affected WordPress servers. The CVSS v3.1...

9.8CVSS9.6AI score0.03345EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/07 6:0 a.m.21 views

CVE-2024-4621 ArForms < 6.6 - Admin+ Stored XSS

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

5.7AI score0.00351EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/07 6:0 a.m.29 views

CVE-2024-4621 ArForms < 6.6 - Admin+ Stored XSS

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

0.00351EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/06/07 12:0 a.m.15 views

WordPress ARForms Plugin < 6.6 is vulnerable to Remote Code Execution (RCE)

Software ARForms Type Plugin Vulnerable versions 6.6 Fixed in 6.6 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-4620 Patch priority High CVSS severity High 10 Developer Claim ownership PSID eba026d169e8 Credits mgthuramoemyint Required privilege Unauthenticated...

9.8CVSS7.2AI score0.03345EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder