74 matches found
CVE-2025-13409
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2025-13409
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2025-13409
CVE-2025-13409 concerns the WordPress plugin Form Vibes – Database Manager for Forms . The Wordfence report confirms an SQL Injection via the params parameter in all versions up to and including 1.4.13 due to insufficient escaping and lack of proper query preparation. It requires authenticated Ad...
CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
WordPress plugin Form Vibes – Database Manager for Forms SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...
PT-2026-1399
Name of the Vulnerable Software and Affected Versions Form Vibes – Database Manager for Forms plugin for WordPress versions up to and including 1.4.13 Description The software contains a SQL Injection issue due to insufficient escaping of user-supplied input and inadequate preparation of existing...
WordPress Form Vibes – Database Manager for Forms plugin <= 1.4.13 - Authenticated (Admin+) SQL Injection vulnerability
Authenticated Admin+ SQL Injection vulnerability discovered by tmrswrr in WordPress Plugin Form Vibes – Database Manager for Forms versions = 1.4.13...
CVE-2025-64322
Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64321
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64320
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...
CVE-2025-64320
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...
CVE-2025-64322
Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64320
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...
CVE-2025-64321
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64321
Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64322
Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64322
CVE-2025-64322 affects Salesforce Agentforce Vibes Extension. The vulnerability is described as an incorrect permission assignment for a critical resource that allows manipulation of writable configuration files. Impact is limited to extensions before affected versions (per sources: before 3.3.0;...
CVE-2025-64322
Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...
CVE-2025-64322
Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...