8 matches found
CVE-2026-57736
CVE-2026-57736 affects the WordPress HubSpot plugin (versions
WordPress HubSpot plugin <= 11.3.51 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin HubSpot versions = 11.3.51...
CVE-2026-49763 WordPress Integration for Contact Form 7 HubSpot plugin <= 1.3.7 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot = 1.3.7 versions...
CVE-2025-11762
The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.32 via the leadin/public/admin/class-adminconstants.php file. This makes it possible for authenticated attackers, with...
WordPress HubSpot All-In-One Marketing – Forms, Popups, Live Chat plugin <= 11.3.32 - Forms, Popups, Live Chat <= 11.3.32 - Missing Authorization to Authenticated (Contributor+) Installed Plugin Disclosure vulnerability
Forms, Popups, Live Chat plugin = 11.3.32 - Forms, Popups, Live Chat = 11.3.32 - Missing Authorization to Authenticated Contributor+ Installed Plugin Disclosure vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin HubSpot versions = 11.3.32...
CVE-2025-68590
Technical details for CVE-2025-68590 are not publicly provided in the supplied documents. No affected versions, impact specifics, or remediation are given here. Monitor vendor advisories and patch releases for updates.
EUVD-2025-204097
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...
WordPress plugin HubSpot 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. versions of the WordPress HubSpot plugin prior to 8.8.15 are vulnerable to server-side request...