Lucene search
K

74 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.4 views

CVE-2025-13409

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS6.5AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2026/01/06 4:15 a.m.5 views

CVE-2025-13409

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS0.00266EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/06 3:21 a.m.32 views

CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS0.00266EPSS
Exploits0References4
CVE
CVE
added 2026/01/06 3:21 a.m.22 views

CVE-2025-13409

CVE-2025-13409 concerns the WordPress plugin Form Vibes – Database Manager for Forms . The Wordfence report confirms an SQL Injection via the params parameter in all versions up to and including 1.4.13 due to insufficient escaping and lack of proper query preparation. It requires authenticated Ad...

4.9CVSS6.2AI score0.00266EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/01/06 3:21 a.m.1 views

CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

4.9CVSS6.2AI score0.00266EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/06 12:0 a.m.4 views

WordPress plugin Form Vibes – Database Manager for Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...

4.9CVSS7.8AI score0.00266EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.5 views

PT-2026-1399

Name of the Vulnerable Software and Affected Versions Form Vibes – Database Manager for Forms plugin for WordPress versions up to and including 1.4.13 Description The software contains a SQL Injection issue due to insufficient escaping of user-supplied input and inadequate preparation of existing...

4.9CVSS6.9AI score0.00266EPSS
Exploits0References7
Patchstack
Patchstack
added 2026/01/05 9:47 p.m.7 views

WordPress Form Vibes – Database Manager for Forms plugin <= 1.4.13 - Authenticated (Admin+) SQL Injection vulnerability

Authenticated Admin+ SQL Injection vulnerability discovered by tmrswrr in WordPress Plugin Form Vibes – Database Manager for Forms versions = 1.4.13...

4.9CVSS8AI score0.00266EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/07 1:46 p.m.3 views

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

5.3CVSS7AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 1:46 p.m.3 views

CVE-2025-64321

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

5.3CVSS6.8AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/07 1:46 p.m.4 views

CVE-2025-64320

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...

6.5CVSS7AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 7:17 p.m.13 views

CVE-2025-64320

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...

6.5CVSS0.00179EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 7:17 p.m.15 views

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

5.3CVSS0.00187EPSS
Exploits0References1
OSV
OSV
added 2025/11/04 7:17 p.m.6 views

CVE-2025-64320

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Code Injection.This issue affects Agentforce Vibes Extension: before 3.2.0...

6.5CVSS5.8AI score0.00179EPSS
Exploits0References1
NVD
NVD
added 2025/11/04 7:17 p.m.6 views

CVE-2025-64321

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

5.3CVSS0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/11/04 7:17 p.m.2 views

CVE-2025-64321

Improper Neutralization of Input Used for LLM Prompting vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

5.3CVSS5.8AI score0.00197EPSS
Exploits0References1
OSV
OSV
added 2025/11/04 7:17 p.m.3 views

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References1
CVE
CVE
added 2025/11/04 6:33 p.m.16 views

CVE-2025-64322

CVE-2025-64322 affects Salesforce Agentforce Vibes Extension. The vulnerability is described as an incorrect permission assignment for a critical resource that allows manipulation of writable configuration files. Impact is limited to extensions before affected versions (per sources: before 3.3.0;...

5.3CVSS6.6AI score0.00187EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/04 6:33 p.m.7 views

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

0.00187EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/04 6:33 p.m.2 views

CVE-2025-64322

Incorrect Permission Assignment for Critical Resource vulnerability in Salesforce Agentforce Vibes Extension allows Manipulating Writeable Configuration Files.This issue affects Agentforce Vibes Extension: before 3.3.0...

6.6AI score0.00187EPSS
Exploits0References1
Rows per page
Query Builder