CVE-2025-58620 WordPress PDF for WPForms Plugin <= 6.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Stored XSS.This issue affects PDF for WPForms: from n/a through = 6.2.1...

CVE-2025-58620 WordPress PDF for WPForms Plugin <= 6.2.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Stored XSS.This issue affects PDF for WPForms: from n/a through = 6.2.1...

WordPress plugin PDF for WPForms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

PT-2025-35753

Name of the Vulnerable Software and Affected Versions: PDF for WPForms versions through 6.2.1 Description: The software contains a cross-site scripting XSS vulnerability due to improper neutralization of input during web page generation. This allows for stored XSS attacks. Recommendations: Update...

WordPress PDF for WPForms plugin <= 6.5.0 - Deserialization of untrusted data vulnerability

Deserialization of untrusted data vulnerability discovered by Phat RiO in WordPress Plugin PDF for WPForms versions = 6.5.0...

CVE-2025-7697

The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...

CVE-2025-7696

CVE-2025-7696 : The WordPress plugin Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms is vulnerable to unauthenticated PHP Object Injection via the verify_field_val() function in all versions up to 1.2.3. Deserialization of untrusted input enables injection of a PHP o...

CVE-2025-7697 Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 - Unauthenticated PHP Object Injection via verify_field_val Function

The Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.1 via deserialization of untrusted input within the verifyfieldval function. This makes it possible for...

WordPress plugin Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists ...

WordPress plugin Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists ...

CVE-2025-49289

Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 5.5.0...

CVE-2025-49289

Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 5.5.0...

CVE-2025-49289 WordPress PDF for WPForms plugin <= 5.5.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through = 5.5.0...

CVE-2025-49289 WordPress PDF for WPForms <= 5.5.0 - Broken Access Control Vulnerability

Missing Authorization vulnerability in add-ons.org PDF for WPForms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF for WPForms: from n/a through 5.5.0...

CVE-2025-49289

CVE-2025-49289 is a Missing Authorization vulnerability in the PDF for WPForms (WordPress plugin) that affects the PDF for WPForms component up to version 5.5.0. The issue is rooted in improperly configured access control, allowing unauthorized users to access or manipulate PDF-related functional...

WordPress plugin PDF for WPForms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

PT-2025-24224 · Wpforms · Pdf For Wpforms

Name of the Vulnerable Software and Affected Versions: PDF for WPForms versions 5.5.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can be exploited through the add-ons.or...

WordPress PDF for WPForms plugin <= 5.5.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by domiee13 in WordPress Plugin PDF for WPForms versions = 5.5.0...

WordPress plugin Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

CVE-2024-52347

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpwebsitecreator Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera wp-website-creator allows Stored XSS.This issue affects Website remote Install vor Gravity, WPForms,...