CVE-2026-56058

CVE-2026-56058 affects the WordPress Quform plugin, specifically versions up to 2.23.0, with a Subscriber Arbitrary File Upload vulnerability. The connected records confirm the affected product and vulnerability class but do not provide root-cause details or a patch/version to remediate within th...

EUVD-2024-49399

Malicious code in bioql PyPI...

CVE-2024-8756

The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...

WordPress Quform plugin <= 2.20.0 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by shaman0x01 in WordPress Plugin Quform versions = 2.20.0...

PT-2024-39230 · WordPress · Quform

Name of the Vulnerable Software and Affected Versions: The Quform - WordPress Form Builder plugin versions up to, and including, 2.20.0 Description: The issue allows unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users via...