4 matches found
CVE-2025-12718 Quick Contact Form <= 8.2.6 - Unauthenticated Open Mail Relay
The Quick Contact Form plugin for WordPress is vulnerable to Open Mail Relay in all versions up to, and including, 8.2.6. This is due to the 'qcfvalidateform' AJAX endpoint allowing a user controlled parameter to set the 'from' email address. This makes it possible for unauthenticated attackers t...
WordPress Element Pack Addons for Elementor plugin <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request Forgery vulnerability
Authenticated Subscriber+ Blind Server-Side Request Forgery vulnerability discovered by LionTree in WordPress Plugin Element Pack Elementor Addons versions = 8.2.5...
WordPress plugin WoodMart 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...
SUSE CVE-2021-35575
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...