Lucene search
+L

273 matches found

OSV
OSV
added 2023/10/31 3:15 p.m.4 views

CVE-2023-24410

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin –...

9.8CVSS7.3AI score0.00723EPSS
Exploits0References1
Prion
Prion
added 2023/10/31 3:15 p.m.19 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin –...

7.5CVSS9.8AI score0.00723EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/31 2:25 p.m.119 views

CVE-2023-24410

CVE-2023-24410: WordPress plugin FluentForm (Contact Form Plugin – Fastest Contact Form Builder)

9.8CVSS8.9AI score0.00723EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.7 views

WordPress Plugin Contact Form Plugin - Fastest Contact Form Builder Plugin for WordPress by Fluent Forms SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Contact Form Plugin -...

9.8CVSS7.7AI score0.00723EPSS
Exploits0References2
CNVD
CNVD
added 2021/07/09 12:0 a.m.29 views

WordPress WP Fluent Forms plugin cross-site request forgery vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.A cross-site request forgery vulnerability exists in versions of WordPress WP Fluent Forms plugin prior ...

6.8CVSS0.8AI score0.02633EPSS
Exploits1Affected Software1
OSV
OSV
added 2021/07/07 1:15 p.m.4 views

CVE-2021-34620

The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...

8.8CVSS7.3AI score0.02633EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/07/07 12:21 p.m.20 views

CVE-2021-34620 CSRF in WP Fluent Forms < 3.6.67 allows stored XSS and Privilege Escalation

The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...

8.4AI score0.02633EPSS
Exploits1References2
CVE
CVE
added 2021/07/07 12:21 p.m.63 views

CVE-2021-34620

CVE-2021-34620 affects the WP Fluent Forms plugin for WordPress, specifically versions prior to 3.6.67. The root cause is a missing nonce check in the access control function for administrative AJAX actions, enabling Cross-Site Request Forgery that can lead to stored Cross-Site Scripting and a li...

8.8CVSS8.3AI score0.02633EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/07/07 12:21 p.m.8 views

CVE-2021-34620 CSRF in WP Fluent Forms < 3.6.67 allows stored XSS and Privilege Escalation

The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...

8.2AI score0.02633EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.6 views

WordPress 跨站请求伪造漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.A cross-site request forgery vulnerability exists in versions of WordPress WP Fluent Forms plugin prior ...

8.8CVSS5.3AI score0.02633EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2021/07/07 12:0 a.m.5 views

PT-2021-20587 · WordPress · Fluent Forms

Name of the Vulnerable Software and Affected Versions: WP Fluent Forms plugin versions prior to 3.6.67 Description: The issue is related to a missing nonce check in the access control function for administrative AJAX actions, leading to Cross-Site Request Forgery, which can result in stored...

8.8CVSS6.3AI score0.02633EPSS
Exploits1References4
WPVulnDB
WPVulnDB
added 2021/06/17 12:0 a.m.30 views

WP Fluent Forms < 3.6.67 - Cross-Site Request Forgery (CSRF)

The WP Fluent Forms WordPress plugin was vulnerable to a Cross-Site Request Forgery CSRF vulnerability that could lead to Stored Cross-Site Scripting XSS...

8.8CVSS1.7AI score0.02633EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/06/16 12:0 a.m.2 views

CVE-2021-34620

The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...

8.8CVSS7.2AI score0.02633EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder