Lucene search
K

119 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57701

Malicious code in bioql PyPI...

6.5CVSS6.1AI score0.00408EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57734

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00395EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57731

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00403EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57730

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00403EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-57726

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00395EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-47427

Malicious code in bioql PyPI...

7.2CVSS6.5AI score0.00907EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.8 views

CVE-2023-5416

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfdeletecategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

4.3CVSS6.4AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.9 views

CVE-2023-5415

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfaddcategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.21 views

CVE-2023-5417

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfupdatecategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

4.3CVSS6.4AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.8 views

CVE-2023-5386

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfdeleteposts function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

6.5CVSS6.8AI score0.00408EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.8 views

CVE-2023-5387

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfaf2triggerdarkmode function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and...

4.3CVSS6.5AI score0.00403EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.14 views

CVE-2023-5385

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfcopyposts function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

4.3CVSS6.6AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:31 a.m.7 views

CVE-2023-5383

The Funnelforms Free plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.4. This is due to missing or incorrect nonce validation on the fnsfcopyposts function. This makes it possible for unauthenticated attackers to create copies of arbitrary posts...

4.3CVSS6.7AI score0.00234EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.7 views

CVE-2023-5419

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfaf2testmail function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

4.3CVSS6AI score0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/04 2:40 a.m.18 views

CVE-2024-10587 Funnelforms Free <= 3.7.5.1 - Authenticated (Contributor+) PHP Object Injection

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.7.5.1 via deserialization of untrusted input. This makes it possible for authenticated attackers,...

8.8CVSS0.00605EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/04 2:40 a.m.10 views

CVE-2024-10587 Funnelforms Free <= 3.7.5.1 - Authenticated (Contributor+) PHP Object Injection

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.7.5.1 via deserialization of untrusted input. This makes it possible for authenticated attackers,...

8.8CVSS7.5AI score0.00605EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/04 12:0 a.m.3 views

WordPress plugin Funnelforms Free 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

8.8CVSS8.5AI score0.00605EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/12/03 2:48 p.m.3 views

WordPress Funnelforms Free plugin <= 3.7.5.1 - Authenticated (Contributor+) PHP Object Injection vulnerability

Authenticated Contributor+ PHP Object Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin Funnelforms Free versions = 3.7.5.1...

8.8CVSS7.3AI score0.00605EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/08/29 11:15 a.m.21 views

CVE-2024-5857

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the af2handelfileremove AJAX action in all versions up to, and including, 3.7.3.2. This makes it...

5.3CVSS0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/29 3:30 a.m.17 views

CVE-2024-5857 Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free <= 3.7.3.2 - Missing Authorization to Unauthenticated Arbitrary Media Deletion

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the af2handelfileremove AJAX action in all versions up to, and including, 3.7.3.2. This makes it...

5.3CVSS5.2AI score0.00317EPSS
Exploits0References2
Rows per page
Query Builder