Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2026/05/21 9:9 p.m.10 views

CVE-2026-7881

CVE-2026-7881 affects Concrete CMS 9.5.0 and earlier. The vulnerability is an Insecure Direct Object Reference (IDOR) in the Express Entry Detail block via the exEntryID parameter, enabling unauthorized access to all Express form submissions. The CVSS v4.0 score is 6.3 (AV:N/AC:L/AT:P/PR:N/UI:N/V...

6.3CVSS5.8AI score0.00204EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2026/05/14 6:44 a.m.6 views

EUVD-2026-30250

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.2.0 via the exportEntries function due to missing validation on a user controlled key. This mak...

8.2CVSS5.9AI score0.00234EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/14 6:44 a.m.38 views

CVE-2026-5395 Fluent Forms <= 6.2.0 - Authenticated (Subscriber+) Authorization Bypass via 'table' Parameter

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.2.0 via the exportEntries function due to missing validation on a user controlled key. This mak...

8.2CVSS0.00234EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/02 5:4 a.m.6 views

CVE-2026-3831

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the entriesshortcode function in all versions up to, and including, 1.4.9. This makes it possible for authenticated attackers, with...

4.3CVSS5.9AI score0.00229EPSS
Exploits0References1
CVE
CVEadded 2026/04/01 1:24 a.m.8 views

CVE-2026-3831

The CVE-2026-3831 entry concerns the Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress. A missing capability check in entries_shortcode() affects all versions up to 1.4.9, enabling authenticated users with Contributor-level access and above to access all form submissions ...

4.3CVSS5.9AI score0.00229EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/01 12:0 a.m.5 views

PT-2026-29441

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the entries shortcode function in all versions up to, and including, 1.4.9. This makes it possible for authenticated attackers, with...

4.3CVSS5.9AI score0.00229EPSS
Exploits0References3
CVE
CVEadded 2026/01/24 8:26 a.m.19 views

CVE-2026-0633

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor (WordPress)

3.7CVSS5.5AI score0.00187EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/11/13 11:8 p.m.4 views

CVE-2025-64705

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access the submissions made by other students The issue has been fixed in version 2.41.0 by ensuring proper roles and redirecting if accessed vi...

5.3CVSS6.8AI score0.00187EPSS
Exploits0References1
Rows per page
Query Builder