EUVD-2025-1936

Malicious code in bioql PyPI...

EUVD-2022-50352

Malicious code in bioql PyPI...

CVE-2025-0939

The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin's AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke tho...

CVE-2022-47592

Reflected Cross-Site Scripting XSS vulnerability in Dmytriy.Cooperman MagicForm plugin = 0.1 versions...

CVE-2025-0939

The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin's AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke tho...

CVE-2025-0939

The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin's AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke tho...

CVE-2025-0939 MagicForm - WordPress Form Builder <= 1.6.2 - Missing Authorization

The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin's AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke tho...

CVE-2025-0939

CVE-2025-0939 concerns the WordPress plugin MagicForm (WordPress Form Builder) up to version 1.6.2, due to a missing capability check in its AJAX actions. According to Wordfence, authenticated attackers with Subscriber-level access or higher can invoke those AJAX actions to delete or view logs, a...

WordPress plugin MagicForm 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress MagicForm - WordPress Form Builder plugin <= 1.6.2 - Missing Authorization vulnerability

WordPress MagicForm - WordPress Form Builder plugin = 1.6.2 - Missing Authorization vulnerability discovered by Lucio Sá in WordPress Plugin MagicForm versions = 1.6.2...

CVE-2022-47592

Reflected Cross-Site Scripting XSS vulnerability in Dmytriy.Cooperman MagicForm plugin = 0.1 versions...

CVE-2022-47592

Reflected Cross-Site Scripting XSS vulnerability in Dmytriy.Cooperman MagicForm plugin = 0.1 versions...

CVE-2022-47592

CVE-2022-47592 is a reflected XSS in the WordPress MagicForm plugin &lt;= 0.1 (Dmytriy.Cooperman). The vulnerability arises from insufficient sanitization/escaping of input, allowing an attacker to inject scripts via a reflected parameter. Exploitation is unauthenticated and network-based; the CV...

CVE-2022-47592 WordPress MagicForm Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)

Reflected Cross-Site Scripting XSS vulnerability in Dmytriy.Cooperman MagicForm plugin = 0.1 versions...

PT-2023-15416 · Unknown · Dmytriy.Cooperman Magicform

Name of the Vulnerable Software and Affected Versions: Dmytriy.Cooperman MagicForm plugin versions = 0.1 Description: The issue is a Reflected Cross-Site Scripting XSS vulnerability. This means an attacker can inject malicious scripts into a website, which will then be executed by the user's...

WordPress plugin MagicForm 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress MagicForm Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)

Software MagicForm Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47592 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3819918430b2 Credits minhtuanact Required...