CVE-2026-40764 WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...

CVE-2026-25430

Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Mailchimp and Contact Form 7, WPForms, Elementor,...

CVE-2026-32527

CVE-2026-32527 : Missing Authorization in WordPress plugin set WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms. Affected: WP Insightly from versions up to and including 1.1.5. Root cause: incorrect access control enabling unauthorized access across the listed form ...

CVE-2026-25339

CVE-2026-25339 concerns the WordPress plugin WPForms Lite (Contact Form by WPForms)

CVE-2025-68534

CVE-2025-68534 : WordPress PDF for WPForms plugin &lt;= 6.3.0 has a Missing Authorization vulnerability (Broken Access Control) in the pdf-for-wpforms add-on. Root cause: incorrectly configured access control security levels allowing unauthorized PDF access. Impact: potential unauthorized access ...

CVE-2025-68534 WordPress PDF for WPForms plugin <= 6.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 6.3.0...

WordPress Views for WPForms plugin <= 3.2.2 - Cross-Site Request Forgery via create_view vulnerability

Cross-Site Request Forgery via createview vulnerability discovered by Francesco Carlucci in WordPress Plugin Views for WPForms versions = 3.2.2...

WordPress Views for WPForms plugin <= 3.2.2 - Cross-Site Request Forgery via save_view vulnerability

Cross-Site Request Forgery via saveview vulnerability discovered by Francesco Carlucci in WordPress Plugin Views for WPForms versions = 3.2.2...

CVE-2020-36919

WPForms 1.7.8 is affected by a cross-site scripting (XSS) vulnerability in the slider import search feature and the tab parameter. The issue can be triggered via the ListTable.php endpoint, where an attacker can inject arbitrary JavaScript to run in a victim’s browser. The vulnerable parameter is...

CVE-2025-60082

CVE-2025-60082 affects the WordPress PDF for WPForms plugin (PDF-for-WPForms) with deserialization of untrusted data leading to possible object injection. Affected version Range: from n/a through

CVE-2025-67570 WordPress WPForms Google Sheet Connector plugin <= 4.0.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPForms Google Sheet Connector: from n/a through = 4.0.0...

EUVD-2020-2838

Malware in sbrugna...

EUVD-2024-34017

Malicious code in bioql PyPI...

EUVD-2024-16166

Malicious code in bioql PyPI...

EUVD-2024-50983

Malicious code in bioql PyPI...

EUVD-2025-14199

Malicious code in bioql PyPI...

EUVD-2024-33189

Malicious code in bioql PyPI...

EUVD-2024-32867

Malicious code in bioql PyPI...

EUVD-2024-16170

Malicious code in bioql PyPI...

EUVD-2023-33825

Malicious code in bioql PyPI...