CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

NVD•added 2026/01/09 12:15 p.m.•6 views

CVE-2025-13717

The Contact Form vCard Generator plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wpgvccfcheckdownloadrequest' function in all versions up to, and including, 2.4. This makes it possible for unauthenticated attackers to export sensitive...

5.3CVSS0.00321EPSS

Exploits0References5

CVE•added 2026/01/09 11:15 a.m.•19 views

CVE-2025-13717

CVE-2025-13717 affects Contact Form vCard Generator for WordPress. The vulnerability arises from a missing authorization check in wp_gvc_cf_settings.php (function wp_gvccf_check_download_request) that exists in all versions up to and including 2.4. This enables unauthenticated attackers to export...

5.3CVSS5AI score0.00321EPSS

Exploits0References5

Patchstack•added 2026/01/08 11:10 p.m.•9 views

WordPress Contact Form vCard Generator plugin <= 2.4 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'wp-gvc-cf-download-id' Parameter vulnerability

Missing Authorization to Unauthenticated Sensitive Information Exposure via 'wp-gvc-cf-download-id' Parameter vulnerability discovered by Sopon Tangpathum SoNaJaa - freelance in WordPress Plugin Contact Form vCard Generator versions = 2.4...

5.3CVSS6.9AI score0.00321EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-9616

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00257EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 3:57 p.m.•5 views

CVE-2025-39521

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Reflected XSS.This issue affects Contact Form vCard Generator: from n/a through = 2.4...

7.1CVSS7.2AI score0.00235EPSS

Exploits0References1

NVD•added 2025/04/17 4:15 p.m.•6 views

CVE-2025-39521

7.1CVSS0.00235EPSS

Exploits0References1

RedhatCVE•added 2025/04/05 2:22 p.m.•9 views

CVE-2025-31582

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Stored XSS.This issue affects Contact Form vCard Generator: from n/a through = 2.4...

7.1CVSS7.2AI score0.00257EPSS

Exploits0References1

NVD•added 2025/04/03 2:15 p.m.•4 views

CVE-2025-31582

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Stored XSS.This issue affects Contact Form vCard Generator: from n/a through = 2.4...

7.1CVSS0.00257EPSS

Exploits0References1

Cvelist•added 2025/04/03 1:27 p.m.•14 views

CVE-2025-31582 WordPress Contact Form vCard Generator plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani Contact Form vCard Generator contact-form-vcard-generator allows Stored XSS.This issue affects Contact Form vCard Generator: from n/a through = 2.4...

7.1CVSS0.00257EPSS

Exploits0References1

Vulnrichment•added 2025/04/03 1:27 p.m.•5 views

CVE-2025-31582 WordPress Contact Form vCard Generator plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ashish Ajani Contact Form vCard Generator allows Stored XSS. This issue affects Contact Form vCard Generator: from n/a through 2.4...

7.1CVSS6.9AI score0.00257EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by