26 matches found
CVE-2025-60090 WordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...
PT-2025-52146
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...
WordPress plugin WP Gravity Forms Insightly 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
WordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerability
Deserialization of untrusted data vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WP Gravity Forms Insightly versions = 1.1.6...
Insightly: Email verification bypass via request to endpoint "accounts.insightly.com/signup/provisionuser"
The vulnerability allowed bypassing email verification when creating a new Insightly account. The vulnerability existed in the "EmailAddress" parameter of the member creation endpoint. By modifying the parameter, an attacker could create a new account using any email address, including those of...
Insightly: returnUrl= allow attacker to redirect users to the another phising website and takeover credientials
The application at https://crm.na1.insightly.com was found to be vulnerable to a redirect vulnerability. An attacker could have redirected users to a malicious website by manipulating the 'returnUrl' parameter in the login authentication process. This could have allowed the attacker to potentiall...