16 matches found
WordPress Contact Form to Any API plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by 0xManticore in WordPress Plugin Contact Form to Any API versions <= 3.0.3...
EUVD-2024-28173
Malicious code in bioql PyPI...
EUVD-2023-51961
Malicious code in bioql PyPI...
CVE-2023-47871
Missing Authorization vulnerability in IT Path Solutions Contact Form to Any API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Contact Form to Any API: from n/a through 1.1.6...
CVE-2024-30242
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API. This issue affects Contact Form to Any API: from n/a through 1.1.8...
WordPress Contact Form to Any API plugin <= 1.2.2 - Unauthenticated Stored Cross-Site Scripting via Contact Form vulnerability
Unauthenticated Stored Cross-Site Scripting via Contact Form vulnerability discovered by Jorgson in WordPress Plugin Contact Form to Any API versions = 1.2.4...
WordPress Contact Form to Any API Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)
Software: Contact Form to Any API; Type: Plugin; Vulnerable versions: <= 1.2.2; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-7617; Patch priority: Medium; CVSS severity: Medium 7.1; PSID: 8a05dbbe144d; Credits: Jorgson...
CVE-2024-30242 WordPress Contact Form to Any API plugin <= 1.1.8 - Auth. SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API. This issue affects Contact Form to Any API: from n/a through 1.1.8...
WordPress Contact Form to Any API Plugin <= 1.1.8 is vulnerable to SQL Injection
Software: Contact Form to Any API; Type: Plugin; Vulnerable versions: <= 1.1.8; Fixed in: 1.1.9; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-30242; Patch priority: High; CVSS severity: High 8.5; PSID: f2d596609a9a; Credits: Le Ngoc Anh; Required privilege: Subscrib...
WordPress Contact Form To Any API 1.1.6 Cross Site Request Forgery
Exploit Title: WP Plugins Contact Form to Any API history.pushState'', '', '/'; document.forms0.submit; Recommendation Upgrade to version 1.1.7...
WordPress Contact Form to Any API Plugin <= 1.1.6 is vulnerable to Broken Access Control
Software: Contact Form to Any API; Type: Plugin; Vulnerable versions: <= 1.1.6; Fixed in: 1.1.7; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-47871; Patch priority: Medium; CVSS severity: Medium 4.3; PSID: 81c0f0123458; Credits: Arvandy; Require...
CVE-2023-32741
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection. This issue affects Contact Form to Any API: from n/a through 1.1.2...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection. This issue affects Contact Form to Any API: from n/a through 1.1.2...
CVE-2023-32741 WordPress Contact Form to Any API Plugin <= 1.1.2 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection. This issue affects Contact Form to Any API: from n/a through 1.1.2...
PT-2023-23989 · Unknown · Contact Form To Any Api
Name of the Vulnerable Software and Affected Versions: Contact Form to Any API versions 1.1.2 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
WordPress Contact Form to Any API Plugin <= 1.1.2 is vulnerable to SQL Injection
Software: Contact Form to Any API; Type: Plugin; Vulnerable versions: <= 1.1.2; Fixed in: 1.1.3; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2023-32741; Patch priority: Low; CVSS severity: Low 7.6; PSID: 7672258ac26c; Credits: Arvandy; Required privilege: Administrator...