8 matches found
CVE-2026-12127
WPForms – Easy Form Builder for WordPress (WordPress plugin WPForms Lite) versions up to 1.10.2 are vulnerable to CRLF header injection in outgoing notification emails. The root cause is improper neutralization of CRLF sequences: get_reply_to_address() expands the Reply-To display name with conte...
CVE-2022-36859
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices...
CVE-2022-36859
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.21-6 allows privileged attackers to trigger a XSS on a victim's devices...
PT-2022-16987 · Unknown · Smarttagplugin
Name of the Vulnerable Software and Affected Versions: SmartTagPlugin versions prior to 1.2.15-6 Description: The issue is related to improper input validation in the SmartTagPlugin, allowing privileged attackers to trigger a cross-site scripting XSS attack on a victim's devices. Recommendations:...
Microsoft Office Smart Tag WordCount Memory Corruption - Ver2 (CVE-2008-2244)
A memory corruption vulnerability has been reported in July. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2006-3868
Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag...
CVE-2006-3868
Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag...
CVE-2006-3868
CVE-2006-3868 covers a remote code execution vulnerability in Microsoft Office XP/2003 (Office Smart Tag parsing). A specially crafted Office file with a malformed Smart Tag could allow an attacker to execute arbitrary code when opened by a user. The CERT/MS security notes corroborate this as a r...