225 matches found
CRM Perks Forms < 1.1.1 - Cross Site Scripting
The plugin does not sanitise and escape some parameters from a sample file before outputting them back in the page, leading to Reflected Cross-Site Scripting id: CVE-2022-38467 info: name: CRM Perks Forms 1.1.1 - Cross Site Scripting author: r3Y3r53 severity: medium description: | The plugin does...
CRM Perks Forms <= 1.1.4 - SQL Injection
CRM Perks CRM Perks Forms affected versions 1.1.4 and earlier contains a SQL injection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL commands, exploit requires user interaction. id: CVE-2024-30498 info: name: CRM Perks Forms ...
EUVD-2026-15725
Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Mailchimp and Contact Form 7, WPForms, Elementor,...
CVE-2026-32527
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Insightly for Contact Form 7, WPForms, Elementor, Formidable...
CVE-2026-32527
Missing Authorization vulnerability in CRM Perks WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-insightly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Insightly for Contact Form 7, WPForms, Elementor, Formidable...
CVE-2026-25430
CVE-2026-25430 describes a Missing Authorization vulnerability in the Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms (cf7-mailchimp). Affected versions are from n/a through 1.2.2. The issue arises from incorrectly configured access control, enabling network-attacker...
PT-2026-27945
Name of the Vulnerable Software and Affected Versions CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms versions through 1.2.2 Description An authorization issue exists in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms...
CVE-2026-24559
Insertion of Sensitive Information Into Sent Data vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Retrieve Embedded Sensitive Data.This issue affects Integration for Contact Form 7 HubSpot: from n/a through = 1.4.3...
CVE-2026-24559
Insertion of Sensitive Information Into Sent Data vulnerability in CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot allows Retrieve Embedded Sensitive Data.This issue affects Integration for Contact Form 7 HubSpot: from n/a through = 1.4.3...
PT-2026-4401
Name of the Vulnerable Software and Affected Versions CRM Perks Integration for Contact Form 7 HubSpot versions n/a through 1.4.3 Description The CRM Perks Integration for Contact Form 7 HubSpot cf7-hubspot contains a flaw that allows retrieval of embedded sensitive data. This issue relates to th...
CVE-2023-31095
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.8...
CVE-2024-34756
Cross-Site Request Forgery CSRF vulnerability in CRM Perks Integration for Contact Form 7 HubSpot.This issue affects Integration for Contact Form 7 HubSpot: from n/a through 1.3.1...
CVE-2025-60090
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...
CVE-2025-60180
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...
EUVD-2025-204099
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...
EUVD-2025-204097
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...
EUVD-2025-204096
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...
EUVD-2025-204101
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through = 1.3.5...
CVE-2025-60178
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...
CVE-2025-60178
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...