Lucene search
K

60 matches found

NVD
NVD
added 14 hours ago5 views

CVE-2025-11977

The Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.26.12 via the happyformsgetformpartial function. This makes it possible for authenticat...

6.6CVSS
Exploits0References4
Cvelist
Cvelist
added 15 hours ago6 views

CVE-2025-11977 HappyForms <= 1.26.12 - Authenticated (Admin+) Local File Inclusion

The Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.26.12 via the happyformsgetformpartial function. This makes it possible for authenticat...

6.6CVSS
Exploits0References4
CVE
CVE
added 15 hours ago11 views

CVE-2025-11977

The CVE-2025-11977 entry concerns the WordPress plugin Happyforms – Form Builder for WordPress (drag & drop forms, surveys, payments, multipurpose forms). A Local File Inclusion vulnerability exists in all versions up to and including 1.26.12 via the happyforms_get_form_partial() function. Exploi...

6.6CVSS6.5AI score
Exploits0References4
EUVD
EUVD
added 15 hours ago5 views

EUVD-2025-210450

The Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.26.12 via the happyformsgetformpartial function. This makes it possible for authenticat...

6.6CVSS6.5AI score
Exploits0References4
Patchstack
Patchstack
added yesterday3 views

WordPress Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms plugin <= 1.26.12 - Authenticated (Admin+) Local File Inclusion vulnerability

Authenticated Admin+ Local File Inclusion vulnerability discovered by Rahul Sreenivasan Tr0j4n in WordPress Plugin Happyforms versions = 1.26.12...

6.6CVSS6.1AI score
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/15 9:17 p.m.11 views

CVE-2026-49768

Unauthenticated PHP Object Injection in Happyforms = 1.26.13 versions...

9.8CVSS0.00383EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:19 p.m.19 views

CVE-2026-49768

CVE-2026-49768 affects the WordPress plugin Happyforms (versions ≤ 1.26.13). The vulnerability is an unauthenticated PHP Object Injection in Happyforms, caused by an unsafe object deserialization path. Impact is described as high for confidentiality, integrity, and availability, with a CVSS 3.1 b...

9.8CVSS5.3AI score0.00383EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 8:19 p.m.11 views

EUVD-2026-36891

Unauthenticated PHP Object Injection in Happyforms = 1.26.13 versions...

9.8CVSS5.3AI score0.00383EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:19 p.m.29 views

CVE-2026-49768 WordPress Happyforms plugin <= 1.26.13 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Happyforms = 1.26.13 versions...

9.8CVSS0.00383EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49514

Unauthenticated PHP Object Injection in Happyforms = 1.26.13 versions...

9.8CVSS5.3AI score0.00383EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/06/04 1:55 p.m.8 views

WordPress Happyforms plugin <= 1.26.13 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by longnv719 in WordPress Plugin Happyforms versions = 1.26.13...

9.8CVSS5.5AI score0.00383EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-21016

Malicious code in bioql PyPI...

5.3CVSS9.1AI score0.00381EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-52785

Malicious code in bioql PyPI...

7.1CVSS7.1AI score0.00412EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-40843

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:33 a.m.10 views

CVE-2024-44063

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0...

6.5CVSS6.8AI score0.00246EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 8:53 a.m.7 views

CVE-2024-23521

Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10...

5.3CVSS6.9AI score0.00381EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:46 a.m.6 views

CVE-2023-48752

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, gro...

7.1CVSS7AI score0.00412EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:40 a.m.7 views

CVE-2023-0096

The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS4.4AI score0.00496EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/17 9:3 p.m.9 views

CVE-2024-10054

The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS5.7AI score0.00266EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/05/16 11:46 p.m.10 views

WordPress Happyforms plugin < 1.26.3 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Happyforms versions 1.26.3...

4.8CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder