27 matches found
EUVD-2020-30185
Malware in sbrugna...
EUVD-2025-28469
Malicious code in bioql PyPI...
CVE-2025-52794
Cross-Site Request Forgery CSRF vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through = 1.0.0...
CVE-2025-52794
Cross-Site Request Forgery CSRF vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through = 1.0.0...
CVE-2025-52794
CVE-2025-52794 is a CSRF vulnerability in the WordPress plugin Creative Contact Form that can enable Stored XSS. Public details in the provided documents indicate the issue affects versions up to 1.0.0. The connected sources (CNVD, CNNVD, PT-Security, PatchSTACK) describe the vulnerability and co...
CVE-2025-52794 WordPress Creative Contact Form plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through = 1.0.0...
CVE-2025-52794 WordPress Creative Contact Form plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through = 1.0.0...
WordPress plugin Creative Contact Form 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. The WordPress Creative Contact Form Plugin suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a...
PT-2025-26422 · Unknown · Creative Contact Form
Name of the Vulnerable Software and Affected Versions: Creative Contact Form versions 1.0.0 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application...
WordPress Creative Contact Form plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Creative Contact Form versions = 1.0.0...
CVE-2020-9364
An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactformupload parameter. An attacker could exploit this...
CVE-2024-56218
Cross-Site Request Forgery CSRF vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site Request Forgery.This issue affects Contact Form 7 – Dynamic Text Extension: from n/a through = 5.0.1...
jQuery File Upload Plugin Unrestricted file upload vulnerability
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form formerly Sexy Contact Form before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute...
Creative Contact Form extension path traversal vulnerability
Creative Contact Form is a responsive jQuery contact form for Joomla! A path traversal vulnerability exists in the helpers/mailer.php file in the Creative Contact Form extension version 4.6.2 for Joomla! prior to 2019-12-03. The vulnerability stems from a failure of a networked system or product ...
Creative Contact Form 4.6.2 Directory Traversal
Directory Traversal in Creative Contact Form Overview Identifier: AIT-SA-20200301-01 Target: Creative Contact Form for Joomla Vendor: Creative Solutions Version: 4.6.2 before Dec 03 2019 CVE: CVE-2020-9364 Accessibility: Remote Severity: Critical Author: Wolfgang Hotwagner AIT Austrian Institute ...
Creative Contact Form 4.6.2 Directory Traversal Vulnerability
Creative Contact Form version 4.6.2 before Dec 03 2019 suffers from a directory traversal vulnerability. Directory Traversal in Creative Contact Form Overview Identifier: AIT-SA-20200301-01 Target: Creative Contact Form for Joomla Vendor: Creative Solutions Version: 4.6.2 before Dec 03 2019 CVE:...
CVE-2020-9364
An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactformupload parameter. An attacker could exploit this...
CVE-2020-9364
CVE-2020-9364 affects Creative Contact Form for Joomla (versions 4.6.2 and earlier). A directory traversal flaw exists in the helpers/mailer.php file, in the filename field for uploaded attachments processed via the creativecontactform_upload parameter. An attacker could abuse the "Send me a copy...
CVE-2020-9364
An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactformupload parameter. An attacker could exploit this...
PT-2020-20612 · Creative · Creative Contact Form
Name of the Vulnerable Software and Affected Versions: Creative Contact Form extension versions 4.6.2 and earlier Description: A directory traversal issue resides in the filename field for uploaded attachments via the creativecontactform upload parameter in the helpers/mailer.php file. This allow...