Lucene search
K

230 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:49 a.m.13 views

CVE-2018-15818

An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php...

7.5CVSS6.8AI score0.02049EPSS
Exploits3References1
Cvelist
Cvelist
added 2025/05/15 8:6 p.m.17 views

CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS

The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

0.00275EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:6 p.m.7 views

CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS

The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

5.4AI score0.00275EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:11 a.m.21 views

CVE-2024-32703

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

8.1CVSS5.9AI score0.00577EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:5 a.m.10 views

CVE-2024-32705

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

8.8CVSS5.9AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:0 a.m.4 views

CVE-2024-32702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.1CVSS5.9AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:59 a.m.11 views

CVE-2024-32706

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

8.8CVSS5.9AI score0.00565EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:54 a.m.18 views

CVE-2024-32704

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.1CVSS5.9AI score0.00335EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 5:37 a.m.8 views

CVE-2024-1945

The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'arfliteremovepreviewdata' function in all versions up to, and including, 1.6.4. This makes it possible for...

7.1CVSS6.5AI score0.00428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:3 a.m.7 views

CVE-2024-54216

Path Traversal: '.../...//' vulnerability in reputeinfosystems ARForms arforms allows Path Traversal.This issue affects ARForms: from n/a through = 6.4.1...

7.7CVSS7.2AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:48 a.m.8 views

CVE-2024-37920

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Repute InfoSystems ARForms Form Builder allows Reflected XSS.This issue affects ARForms Form Builder: from n/a through 1.6.7...

7.1CVSS6.9AI score0.00327EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/05 12:28 a.m.8 views

CVE-2024-31270

Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1...

8CVSS8.6AI score0.00361EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.19 views

CVE-2024-54223

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in reputeinfosystems ARForms Form Builder arforms-form-builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through = 1.7.1...

6.1CVSS0.00324EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 1:15 p.m.5 views

CVE-2024-54223

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Contact Form - Repute InfoSystems ARForms Form Builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through 1.7.1...

6.1CVSS7.3AI score0.00324EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.23 views

CVE-2024-54217

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4.1...

5.4CVSS0.00433EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 1:15 p.m.5 views

CVE-2024-54217

Missing Authorization vulnerability in Repute info systems ARForms.This issue affects ARForms: from n/a through 6.4.1...

5.4CVSS7.3AI score0.00433EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 12:58 p.m.23 views

CVE-2024-54217 WordPress ARForms plugin <= 6.4.1 - Subscriber+ Plugin Settings Change vulnerability

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4.1...

5.4CVSS0.00433EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 12:58 p.m.65 views

CVE-2024-54217

CVE-2024-54217 describes a Missing Authorization vulnerability in the WordPress plugin ARForms by Repute Info Systems, affecting ARForms versions from n/a up to and including 6.4.1. The connected sources confirm the issue is related to unauthorized changes to the plugin settings (“Plugin Settings...

5.4CVSS7.2AI score0.00433EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/09 11:31 a.m.20 views

CVE-2024-54223 WordPress ARForms plugin <= 1.7.1 - HTML Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in reputeinfosystems ARForms Form Builder arforms-form-builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through = 1.7.1...

5.3CVSS0.00324EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.61 views

CVE-2024-54223

CVE-2024-54223 is a documented HTML/Script-injection vulnerability in the ARForms Form Builder for WordPress (Contact Form - Repute InfoSystems). The issue is described as an improper neutralization of script-related HTML tags in a web page, resulting in a Basic XSS and potential code injection. ...

6.1CVSS7.3AI score0.00324EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder