Lucene search
K

230 matches found

Patchstack
Patchstack
added 2024/07/09 6:39 a.m.5 views

WordPress ARForms Form Builder plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin ARForms Form Builder versions = 1.6.7...

7.1CVSS6.1AI score0.00327EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/09 12:0 a.m.10 views

WordPress ARForms Form Builder Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software ARForms Form Builder Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37920 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b04d176ed420 Credits Yudistira Arya Required...

7.1CVSS6.6AI score0.00327EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/06/12 6:15 a.m.23 views

CVE-2024-0427

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions...

6.3CVSS0.00358EPSS
Exploits2References1
OSV
OSV
added 2024/06/12 6:15 a.m.4 views

CVE-2024-0427

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions...

6.3CVSS5.8AI score0.00358EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/06/12 6:0 a.m.14 views

CVE-2024-0427 Arforms < 6.4.1 - Reflected XSS

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions...

6.8AI score0.00358EPSS
Exploits2References1
CVE
CVE
added 2024/06/12 6:0 a.m.54 views

CVE-2024-0427

ARForms - Premium WordPress Form Builder Plugin (WordPress) pre-6.4.1 is vulnerable to a reflected XSS due to improper escaping of user-controlled input in AJAX actions. Affected versions include 6.4.0 and earlier; remediation is to upgrade to 6.4.1 or later. The issue can allow reflected script ...

6.3CVSS6.4AI score0.00358EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/06/12 6:0 a.m.28 views

CVE-2024-0427 Arforms < 6.4.1 - Reflected XSS

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions...

0.00358EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/06/12 12:0 a.m.5 views

WordPress plugin ARForms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.3CVSS6.7AI score0.00358EPSS
Exploits2References2
OSV
OSV
added 2024/06/09 6:15 p.m.6 views

CVE-2024-32704

Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4...

6.5CVSS5.8AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2024/06/09 6:15 p.m.42 views

CVE-2024-32703

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

8.1CVSS0.00577EPSS
Exploits0References2
NVD
NVD
added 2024/06/09 6:15 p.m.31 views

CVE-2024-32704

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.1CVSS0.00335EPSS
Exploits0References2
OSV
OSV
added 2024/06/09 6:15 p.m.6 views

CVE-2024-32705

Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4...

8.8CVSS5.8AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2024/06/09 6:15 p.m.3 views

CVE-2024-32703

Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4...

8.1CVSS5.8AI score0.00577EPSS
Exploits0References1
NVD
NVD
added 2024/06/09 6:15 p.m.29 views

CVE-2024-32705

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

8.8CVSS0.00382EPSS
Exploits0References2
CVE
CVE
added 2024/06/09 5:17 p.m.61 views

CVE-2024-32703

CVE-2024-32703 : Missing Authorization vulnerability in reputeinfosystems ARForms for WordPress. Affected ARForms versions

8.1CVSS5.9AI score0.00577EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/09 5:17 p.m.14 views

CVE-2024-32703 WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary File Deletion vulnerability

Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4...

7.7CVSS6.9AI score0.00577EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/09 5:17 p.m.43 views

CVE-2024-32703 WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.7CVSS0.00577EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/09 5:11 p.m.13 views

CVE-2024-32704 WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary WordPress Options Removal vulnerability

Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4...

7.1CVSS6.9AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 2024/06/09 5:11 p.m.65 views

CVE-2024-32704

CVE-2024-32704 pertains to the WordPress ARForms plugin by reputeinfosystems, affecting ARForms versions n/a–6.4 with a Missing Authorization vulnerability. Connected sources confirm public details for ARForms as of 6.4 and related advisories (e.g., RH CVE entry); no exploits or exact vectors are...

7.1CVSS5.9AI score0.00335EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/09 5:11 p.m.34 views

CVE-2024-32704 WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary WordPress Options Removal vulnerability

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

7.1CVSS0.00335EPSS
Exploits0References1
Rows per page
Query Builder