195 matches found
CVE-2022-50959
WordPress Contact Form Builder 1.6.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting the formid parameter. Attackers can craft malicious URLs to codegenerator.php with script payloads in the formid parameter t...
CVE-2022-50959
CVE-2022-50959 affects WordPress Contact Form Builder 1.6.1. It is a reflected cross-site scripting vulnerability where an unauthenticated attacker can cause arbitrary JavaScript execution in a victim’s browser by injecting payloads via the form_id parameter, using crafted URLs to code_generator....
CVE-2022-50959 WordPress Contact Form Builder 1.6.1 Cross-Site Scripting via code_generator.php
WordPress Contact Form Builder 1.6.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting the formid parameter. Attackers can craft malicious URLs to codegenerator.php with script payloads in the formid parameter t...
CVE-2022-50959 WordPress Contact Form Builder 1.6.1 Cross-Site Scripting via code_generator.php
WordPress Contact Form Builder 1.6.1 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by exploiting the formid parameter. Attackers can craft malicious URLs to codegenerator.php with script payloads in the formid parameter t...
WordPress plugin Contact Form Builder 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CVE-2026-1454
The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...
CVE-2026-1454
Affected product: WordPress plugin “Responsive Contact Form Builder & Lead Generation Plugin” (Lead Form Builder); vulnerable in all versions up to 2.0.1. Root cause: insufficient input sanitization in lfb_lead_sanitize() (omits certain field types from its whitelist) and an overly permissive wp_...
CVE-2026-1454
The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...
CVE-2026-1454 Responsive Contact Form Builder & Lead Generation Plugin <= 2.0.1 - Unauthenticated Stored Cross-Site Scripting
The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...
CVE-2023-45275
Missing Authorization vulnerability in WP Chill Kali Forms kali-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kali Forms: from n/a through = 2.3.28...
EUVD-2023-39901
Malicious code in bioql PyPI...
EUVD-2023-49581
Malicious code in bioql PyPI...
EUVD-2023-50344
Malicious code in bioql PyPI...
EUVD-2023-33806
Malicious code in bioql PyPI...
EUVD-2023-33807
Malicious code in bioql PyPI...
EUVD-2024-33484
Malicious code in bioql PyPI...
EUVD-2023-56809
Malicious code in bioql PyPI...
EUVD-2025-10458
Malicious code in bioql PyPI...
EUVD-2023-50336
Malicious code in bioql PyPI...
EUVD-2024-35505
Malicious code in bioql PyPI...