Lucene search
+L

32 matches found

nvd
nvd
added 2025/04/09 5:15 p.m.36 views

CVE-2025-32679

Cross-Site Request Forgery CSRF vulnerability in ZealousWeb User Registration Using Contact Form 7 user-registration-using-contact-form-7 allows Cross Site Request Forgery.This issue affects User Registration Using Contact Form 7: from n/a through = 2.4...

5.4CVSS0.00175EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/04/09 4:9 p.m.7 views

CVE-2025-32679 WordPress User Registration Using Contact Form 7 plugin <= 2.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ZealousWeb User Registration Using Contact Form 7 user-registration-using-contact-form-7 allows Cross Site Request Forgery.This issue affects User Registration Using Contact Form 7: from n/a through = 2.4...

5.4CVSS7.2AI score0.00175EPSS
Exploits0References1
nvd
nvd
added 2024/07/09 8:15 a.m.56 views

CVE-2024-37555

Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact Form 7 generate-pdf-using-contact-form-7.This issue affects Generate PDF using Contact Form 7: from n/a through = 4.1.2...

9.8CVSS0.006EPSS
Exploits0References2
osv
osv
added 2024/07/09 8:15 a.m.5 views

CVE-2024-37555

Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact Form 7.This issue affects Generate PDF using Contact Form 7: from n/a through 4.0.6...

9.8CVSS5.8AI score0.006EPSS
Exploits0References1
cve
cve
added 2024/07/09 7:21 a.m.61 views

CVE-2024-37555

The CVE-2024-37555 entry concerns the WordPress plugin Generate PDF using Contact Form 7, affected versions 4.0.6 and earlier. Affected component is the file upload handling, with the root cause described as an Unrestricted Upload of File with Dangerous Type, enabling arbitrary file upload. Impac...

9.8CVSS5.9AI score0.006EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/07/09 7:21 a.m.41 views

CVE-2024-37555 WordPress Generate PDF using Contact Form 7 plugin <= 4.1.2 - CSRF to Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact Form 7 generate-pdf-using-contact-form-7.This issue affects Generate PDF using Contact Form 7: from n/a through = 4.1.2...

9.1CVSS0.006EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/07/09 12:0 a.m.10 views

PT-2024-27653 · Zealousweb · Zealousweb Generate Pdf Using Contact Form 7

Name of the Vulnerable Software and Affected Versions: ZealousWeb Generate PDF using Contact Form 7 versions 4.0.6 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects ZealousWeb Generate PDF using Contact Form 7. Recommendations: For...

9.8CVSS7AI score0.006EPSS
Exploits0References9
nvd
nvd
added 2023/12/15 3:15 p.m.16 views

CVE-2023-49188

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 2.0...

5.9CVSS0.00386EPSS
Exploits0References1
osv
osv
added 2023/12/15 3:15 p.m.4 views

CVE-2023-49188

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 2.0...

4.8CVSS6.7AI score0.00386EPSS
Exploits0References1
prion
prion
added 2023/12/15 3:15 p.m.12 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ZealousWeb Track Geolocation Of Users Using Contact Form 7 allows Stored XSS.This issue affects Track Geolocation Of Users Using Contact Form 7: from n/a through 1.4...

4.3CVSS6.9AI score0.00386EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/12/15 3:5 p.m.78 views

CVE-2023-49188

CVE-2023-49188 affects the WordPress plugin Track Geolocation Of Users Using Contact Form 7 by ZealousWeb. The issue is an Improper Neutralization of Input During Web Page Generation (Stored XSS) in versions n/a through 2.0. The root cause is insufficient input sanitization/escaping in how user-p...

5.9CVSS5.6AI score0.00386EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/12/15 12:0 a.m.4 views

PT-2023-31105 · Zealousweb · Zealousweb Track Geolocation Of Users Using Contact Form 7

Name of the Vulnerable Software and Affected Versions: ZealousWeb Track Geolocation Of Users Using Contact Form 7 versions n/a through 2.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS...

5.9CVSS9.1AI score0.00386EPSS
Exploits0References6
Rows per page
Query Builder