16 matches found
EUVD-2025-19948
Malicious code in bioql PyPI...
EUVD-2023-28037
Malicious code in bioql PyPI...
CVE-2025-28967
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Truman Contact Us page - Contact people LITE contact-us-page-contact-people allows SQL Injection.This issue affects Contact Us page - Contact people LITE: from n/a through = 3.7.4...
CVE-2025-28967
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Truman Contact Us page - Contact people LITE contact-us-page-contact-people allows SQL Injection.This issue affects Contact Us page - Contact people LITE: from n/a through = 3.7.4...
CVE-2025-28967 WordPress Contact Us page - Contact people LITE plugin <= 3.7.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Steve Truman Contact Us page - Contact people LITE contact-us-page-contact-people allows SQL Injection.This issue affects Contact Us page - Contact people LITE: from n/a through = 3.7.4...
CVE-2025-28967
CVE-2025-28967 concerns the WordPress plugin Contact Us page – Contact People Lite, affected up to version 3.7.4. The issue is an SQL Injection caused by improper neutralization of input elements in SQL commands. Wordfence data shows a CVSS v3.1 base score of 8.5 (HIGH) with NETWORK attack vector...
WordPress plugin Contact Us page - Contact people LITE SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Contact Us page - Contact...
CVE-2025-5123
The Contact Us Page – Contact People plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ parameter in all versions up to, and including, 3.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-5123
The Contact Us Page – Contact People plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ parameter in all versions up to, and including, 3.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-5123
The Contact Us Page – Contact People plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ parameter in all versions up to, and including, 3.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress plugin Contact Us Page – Contact People 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Contact Us Page - Contact People plugin, which stems from insufficient input cleanup and escaping, and can be...
CVE-2023-23973
Cross-Site Request Forgery CSRF vulnerability in a3rev Software Contact Us Page – Contact People plugin = 3.7.0...
CVE-2023-23973
Cross-Site Request Forgery CSRF vulnerability in a3rev Software Contact Us Page – Contact People plugin = 3.7.0...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in a3rev Software Contact Us Page – Contact People plugin = 3.7.0...
CVE-2023-23973
CVE-2023-23973 affects the WordPress plugin “a3rev Software Contact Us Page – Contact People” (versions <= 3.7.0). The root cause is a CSRF weakness that allows creation and potentially manipulation of contact entries because no CSRF protection is present (unauthenticated access described in P...
CVE-2023-23973 WordPress Contact Us page - Contact people LITE Plugin <= 3.7.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in a3rev Software Contact Us Page – Contact People plugin = 3.7.0...