49 matches found
EUVD-2024-21016
Malicious code in bioql PyPI...
EUVD-2024-40843
Malicious code in bioql PyPI...
EUVD-2023-52785
Malicious code in bioql PyPI...
CVE-2024-44063
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0...
CVE-2024-23521
Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10...
CVE-2023-48752
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, gro...
CVE-2023-0096
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-10054
The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress Happyforms plugin < 1.26.3 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Happyforms versions 1.26.3...
CVE-2024-10054
The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-10054
The CVE-2024-10054 entry concerns the WordPress Happyforms plugin (versions before 1.26.3). Affected component: settings sanitization/escaping in the plugin allows high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting, potentially even when unfiltered_html is disallowed (nota...
CVE-2024-10054 Happyforms < 1.26.3 - Admin+ Stored XSS
The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-10054 Happyforms < 1.26.3 - Admin+ Stored XSS
The Happyforms WordPress plugin before 1.26.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2025-21393 · WordPress · Happyforms
Name of the Vulnerable Software and Affected Versions: Happyforms versions prior to 1.26.3 Description: The issue concerns the Happyforms plugin for WordPress, where certain settings are not properly sanitized and escaped. This could allow high-privilege users, such as administrators, to perform...
WordPress plugin Happyforms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-44063
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0...
CVE-2024-44063
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0...
CVE-2024-44063 WordPress Happyforms plugin <= 1.26.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0...
CVE-2024-44063 WordPress Happyforms plugin <= 1.26.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Happyforms allows Stored XSS.This issue affects Happyforms: from n/a through 1.26.0...
CVE-2024-44063
CVE-2024-44063 affects the WordPress plugin Happyforms. A stored XSS exists due to improper neutralization of input during web page generation, affecting Happyforms 1.26.0 and earlier. The risk is that malicious input could be stored and executed in user contexts. Remediation per connected source...