7762 matches found

CVE
added 2025/01/22 2:32 p.m., 54 views

CVE-2025-23812

CVE-2025-23812 : Reflected Cross-Site Scripting in the NotFound Contact Form 7 Round Robin Lead Distribution plugin. Affected: Contact Form 7 Round Robin Lead Distribution from n/a up to version 1.2.1. CVSS v3.1 base score 7.1 (HIGH). Attack vector: NETWORK; Impact: Confidentiality, Integrity, an...

7.1 CVSS | 7.2 AI score | 0.00289 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2025/01/22 2:32 p.m., 10 views

CVE-2025-23812 WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows Reflected XSS. This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...

7.1 CVSS | 7.2 AI score | 0.00289 EPSS
Exploits: 0 | References: 1
Cvelist
added 2025/01/22 2:32 p.m., 21 views

CVE-2025-23812 WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows Reflected XSS. This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...

7.1 CVSS | 0.00289 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2025/01/22 2:29 p.m., 4 views

CVE-2025-23784 WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection. This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...

7.6 CVSS | 7.3 AI score | 0.00437 EPSS
Exploits: 0 | References: 1
CNNVD
added 2025/01/22 12:0 a.m., 2 views

WordPress plugin Contact Form 7 Round Robin Lead Distribution SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin Contact Form 7 Round Robin Lead...

7.6 CVSS | 8.7 AI score | 0.00437 EPSS
Exploits: 0 | References: 2
CNNVD
added 2025/01/22 12:0 a.m., 7 views

WordPress plugin Contact Form 7 Round Robin Lead Distribution cross-site scripting vulnerability

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin...

7.1 CVSS | 7.7 AI score | 0.00289 EPSS
Exploits: 0 | References: 2
BDU FSTEC
added 2025/01/21 12:0 a.m., 4 views

The vulnerability of the Next.js software platform for creating web applications, related to unlimited resource distribution, allows attackers to trigger service failures.

The vulnerability of the Next.js software platform for creating web applications is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures...

5.3 CVSS | 5.9 AI score | 0.00794 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Patchstack
added 2025/01/16 6:42 p.m., 4 views

WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Contact Form 7 Round Robin Lead Distribution versions <= 1.2.1...

7.1 CVSS | 6.1 AI score | 0.00289 EPSS
Exploits: 0 | Affected Software: 1
Patchstack
added 2025/01/16 6:42 p.m., 2 views

WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Contact Form 7 Round Robin Lead Distribution versions <= 1.2.1...

7.6 CVSS | 8.1 AI score | 0.00437 EPSS
Exploits: 0 | Affected Software: 1
BDU FSTEC
added 2025/01/14 12:0 a.m., 4 views

The vulnerability of the App Connect Enterprise Certified Container management tool, related to unlimited resource distribution, allows an attacker to cause a service failure.

The vulnerability of the App Connect Enterprise Certified Container management tool is related to the unlimited distribution of resources during the process of writing files to the local file system. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5 CVSS | 5.4 AI score | 0.0016 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
HackRead
added 2025/01/11 2:36 p.m., 2 views

Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails

SUMMARY Cybercriminals are deploying a tricky new phishing campaign impersonating the cybersecurity firm CrowdStrike's recruiters to distribute a…...

7.2 AI score
Exploits: 0
OSV
added 2025/01/09 3:15 p.m., 1 views

UBUNTU-CVE-2023-24010

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2 CVSS | 5.9 AI score | 0.00326 EPSS
Exploits: 0 | References: 3
Cvelist
added 2025/01/09 2:36 p.m., 16 views

CVE-2023-24012 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2 CVSS | 0.00271 EPSS
Exploits: 1 | References: 2
CVE
added 2025/01/09 2:36 p.m., 52 views

CVE-2023-24012

CVE-2023-24012 describes a vulnerability in the Data Distribution Service (DDS) chain of trust where an attacker can craft malicious DDS Participants or ROS 2 Nodes with valid certificates to take full control of a secure DDS databus. The root cause is a non-compliant implementation of permission...

8.2 CVSS | 8.1 AI score | 0.00271 EPSS
Exploits: 1 | References: 2
Cvelist
added 2025/01/09 2:36 p.m., 13 views

CVE-2023-24011 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Cyclone DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2 CVSS | 0.00329 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2025/01/09 2:36 p.m., 6 views

CVE-2023-24011 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Cyclone DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2 CVSS | 8.1 AI score | 0.00329 EPSS
Exploits: 0 | References: 2
CVE
added 2025/01/09 2:36 p.m., 47 views

CVE-2023-24011

CVE-2023-24011 is a DDS ecosystem vulnerability arising from non-compliant permission document verification and improper use of OpenSSL PKCS7_verify to validate S/MIME signatures. Attackers could craft malicious DDS Participants or ROS 2 Nodes with valid certificates to gain full control of a sec...

8.2 CVSS | 8.1 AI score | 0.00329 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2025/01/09 2:36 p.m., 7 views

CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2 CVSS | 8.1 AI score | 0.00326 EPSS
Exploits: 0 | References: 2
Cvelist
added 2025/01/09 2:36 p.m., 25 views

CVE-2023-24010 Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS

An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...

8.2 CVSS | 0.00326 EPSS
Exploits: 0 | References: 2
CVE
added 2025/01/09 2:36 p.m., 75 views

CVE-2023-24010

CVE-2023-24010 describes an Achilles’ heel in some DDS vendor configurations: an attacker can craft malicious DDS Participants or ROS 2 Nodes with valid certificates to take control of a secure DDS databus. The root cause is a non-compliant verification of permission documents, specifically an im...

8.2 CVSS | 8.1 AI score | 0.00326 EPSS
Exploits: 0 | References: 2