134 matches found
CVE-2025-24636 WordPress MachForm Shortcode plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through = 1.4.1...
CVE-2025-24636 WordPress MachForm Shortcode plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through = 1.4.1...
CVE-2025-24636
CVE-2025-24636 : WordPress MachForm Shortcode (Laymance Technologies LLC) has a CSRF to Stored XSS vulnerability affecting MachForm Shortcode versions up to 1.4.1. The vulnerability is rated with CVSSv3.1 base score 7.1 (HIGH). Public references indicate the issue exists in the plugin from n/a th...
WordPress MachForm Shortcode plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin MachForm Shortcode versions = 1.4.1...
PT-2025-5464 · Unknown · Machform Shortcode
Name of the Vulnerable Software and Affected Versions: MachForm Shortcode versions 1.4.1 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application,...
WordPress plugin MachForm Shortcode 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
CVE-2024-37764
MachForm up to version 19 is affected by an authenticated stored cross-site scripting...
CVE-2024-37765
Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page...
CVE-2024-37763
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results...
CVE-2024-37765
Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page...
CVE-2024-37764
MachForm up to version 19 is affected by an authenticated stored cross-site scripting...
CVE-2024-37763
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results...
CVE-2024-37762
MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution...
CVE-2024-37762
MachForm up to version 21 is affected by an authenticated unrestricted file upload which leads to a remote code execution...
Exploit for SQL Injection in Machform
Description MachForm up to version 19 is affected by an authen...
PT-2024-27736 · Machform · Machform
Name of the Vulnerable Software and Affected Versions: MachForm versions prior to 20 Description: The issue is an authenticated stored cross-site scripting problem. Recommendations: For versions prior to 20, update to version 20 or later to resolve the issue...
CVE-2024-37765
Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page...
CVE-2024-37764
MachForm up to version 19 is affected by an authenticated stored cross-site scripting...
CVE-2024-37763
MachForm up to version 19 is affected by an unauthenticated stored cross-site scripting which affects users with valid sessions whom can view compiled forms results...
CVE-2024-37765
Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page...