33 matches found
CVE-2025-9544
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
WordPress Doppler Forms plugin < 2.6.0 - Subscriber+ Limited Plugin Installation vulnerability
Subscriber+ Limited Plugin Installation vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Doppler Forms versions 2.6.0...
EUVD-2025-36602
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
CVE-2025-9544
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
CVE-2025-9544 Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin Installation
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
CVE-2025-9544
CVE-2025-9544 affects the Doppler Forms WordPress plugin (versions up to 2.5.1). The issue is an AJAX action install_extension that does not verify user capabilities or use a nonce, enabling any authenticated user (including Subscriber) to install/activate additional Doppler Forms plugins whiteli...
CVE-2025-9544 Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin Installation
The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX action installextension without verifying user capabilities or using a nonce. As a result, any authenticated user — including those with the Subscriber role — can install and activate additional Doppler Forms WordPress plugin...
PT-2025-44236
Name of the Vulnerable Software and Affected Versions Doppler Forms WordPress plugin versions through 2.5.1 Description The Doppler Forms WordPress plugin registers an AJAX action, install extension, without proper verification of user capabilities or the use of a nonce. This allows any...
WordPress plugin Doppler Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2025-11707
Malicious code in bioql PyPI...
EUVD-2025-10570
Malicious code in bioql PyPI...
EUVD-2025-9856
Malicious code in bioql PyPI...
CVE-2025-32620
Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through = 2.4.6...
CVE-2025-32620
Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through = 2.4.6...
CVE-2025-32620 WordPress Doppler Forms plugin <= 2.4.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through = 2.4.6...
CVE-2025-32620
CVE-2025-32620: Missing Authorization in the WordPress Doppler Forms plugin (
CVE-2025-32620 WordPress Doppler Forms plugin <= 2.4.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in fromdoppler Doppler Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Doppler Forms: from n/a through 2.4.5...
WordPress plugin Doppler Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-17141 · Unknown · Doppler Forms
Name of the Vulnerable Software and Affected Versions: Doppler Forms versions n/a through 2.4.5 Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For Doppler Forms versio...
CVE-2025-32667
Cross-Site Request Forgery CSRF vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through = 2.5.1...