10 matches found
CVE-2025-60174
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...
CVE-2025-67580
CVE-2025-67580 concerns a Missing Authorization vulnerability in the WordPress plugin pair “Constant Contact + WooCommerce” (plugin slug constant-contact-woocommerce) affecting versions n/a through 2.4.1. The issue arises from broken access control; an attacker may exploit misconfigured access le...
CVE-2025-67580 WordPress Constant Contact + WooCommerce plugin <= 2.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Constant Contact Constant Contact + WooCommerce constant-contact-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact + WooCommerce: from n/a through = 2.4.1...
EUVD-2025-17220
Malicious code in bioql PyPI...
CVE-2025-48101
Deserialization of Untrusted Data vulnerability in webdevstudios Constant Contact for WordPress allows Object Injection. This issue affects Constant Contact for WordPress: from n/a through 4.1.1...
PT-2025-36767
Name of the Vulnerable Software and Affected Versions: Constant Contact for WordPress versions through 4.1.1 Description: Deserialization of untrusted data in Constant Contact for WordPress allows for object injection. Recommendations: Update Constant Contact for WordPress to a version later than...
CVE-2025-54684 WordPress Integration for Contact Form 7 and Constant Contact Plugin plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks Integration for Contact Form 7 and Constant Contact cf7-constant-contact allows Stored XSS.This issue affects Integration for Contact Form 7 and Constant Contact: from n/a through = 1.1.7...
CVE-2025-54684 WordPress Integration for Contact Form 7 and Constant Contact Plugin plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks Integration for Contact Form 7 and Constant Contact cf7-constant-contact allows Stored XSS.This issue affects Integration for Contact Form 7 and Constant Contact: from n/a through = 1.1.7...
CVE-2025-30954 WordPress WP Gravity Forms Constant Contact Plugin <= 1.1.0 - Open Redirection Vulnerability
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Phishing.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.0...
PT-2025-24176 · WordPress · Wp Gravity Forms Constant Contact Plugin
Name of the Vulnerable Software and Affected Versions: WP Gravity Forms Constant Contact Plugin versions 1.1.0 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which allows phishing. This vulnerability can be...