EUVD-2024-30491

Malicious code in bioql PyPI...

EUVD-2024-30492

Malicious code in bioql PyPI...

EUVD-2024-52344

Malicious code in bioql PyPI...

EUVD-2024-30493

Malicious code in bioql PyPI...

EUVD-2024-30490

Malicious code in bioql PyPI...

CVE-2024-0427

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions...

CVE-2024-31272

Cross-Site Request Forgery CSRF vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1...

CVE-2024-4621

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

CVE-2024-54217

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4.1...

CVE-2024-54223

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in reputeinfosystems ARForms Form Builder arforms-form-builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through = 1.7.1...

CVE-2022-45838

Unauth. Stored Cross-Site Scripting XSS vulnerability in Repute InfoSystems ARForms Form Builder plugin = 1.5.5 versions...

CVE-2018-15818

An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php...

CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS

The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS

The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...

CVE-2024-32703

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

CVE-2024-32705

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

CVE-2024-32702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

CVE-2024-32706

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

CVE-2024-32704

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

CVE-2024-1945

The Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form Builder plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'arfliteremovepreviewdata' function in all versions up to, and including, 1.6.4. This makes it possible for...