Lucene search
+L

406 matches found

Patchstack
Patchstack
added 2026/01/15 6:18 a.m.7 views

WordPress Multilanguage by BestWebSoft plugin <= 1.5.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Multilanguage by BestWebSoft versions = 1.5.2...

4.3CVSS5.4AI score0.00255EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.4 views

CVE-2023-29096

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a throug...

8.8CVSS8.8AI score0.00706EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.12 views

CVE-2024-2200

The Contact Form by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘cntctfrmcontactsubject’ parameter in all versions up to, and including, 4.2.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS6.4AI score0.00495EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.4 views

CVE-2025-63056

Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.6...

4.3CVSS5.9AI score0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-201973

Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.5...

4.3CVSS6.5AI score0.00265EPSS
Exploits0References2
NVD
NVD
added 2025/12/09 4:18 p.m.4 views

CVE-2025-63056

Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.6...

4.3CVSS0.00265EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/09 2:52 p.m.2 views

CVE-2025-63056 WordPress Contact Form by BestWebSoft plugin <= 4.3.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.6...

4.3CVSS5.1AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/09 2:52 p.m.28 views

CVE-2025-63056 WordPress Contact Form by BestWebSoft plugin <= 4.3.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.6...

4.3CVSS0.00265EPSS
Exploits0References1
CVE
CVE
added 2025/12/09 2:52 p.m.14 views

CVE-2025-63056

CVE-2025-63056 corresponds to a Missing Authorization flaw in the WordPress plugin Contact Form by BestWebSoft (versions up to and including 4.3.5). The issue is a bypass of access controls in the plugin’s configuration, enabling unauthorized access as described in the CVE entry. Public sources i...

4.3CVSS5.9AI score0.00265EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

WordPress plugin Contact Form by BestWebSoft 安全漏洞

...

4.3CVSS5.8AI score0.00265EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-50056

Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.5...

7AI score0.00265EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/12/07 4:15 p.m.8 views

WordPress Contact Form by BestWebSoft plugin <= 4.3.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Contact Form by BestWebSoft versions = 4.3.6...

4.3CVSS6.8AI score0.00265EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2025/11/27 12:0 a.m.21 views

WordPress Job Board by BestWebSoft plugin cross-site scripting vulnerability

WordPress Job Board by BestWebSoft plugin is WordPress plugin for creating and managing job posting features. The WordPress Job Board by BestWebSoft plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

6.1CVSS6.1AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/26 7:59 a.m.8 views

CVE-2025-13383

The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.1. This is due to the plugin storing the entire unsanitized $GET superglobal array directly into the database via updateusermeta when users save search results,...

6.1CVSS5.2AI score0.00224EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 8:15 a.m.4 views

CVE-2025-13383

The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.1. This is due to the plugin storing the entire unsanitized $GET superglobal array directly into the database via updateusermeta when users save search results,...

6.1CVSS0.00224EPSS
Exploits0References5
CVE
CVE
added 2025/11/25 7:28 a.m.22 views

CVE-2025-13383

CVE-2025-13383 concerns the WordPress plugin “Job Board by BestWebSoft.” The issue is a stored XSS caused by unsafely storing the entire GET array via update_user_meta() and later outputting it without proper escaping, enabling unauthenticated attackers to inject scripts when users view saved sea...

6.1CVSS4.9AI score0.00224EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/11/25 7:28 a.m.2 views

CVE-2025-13383 Job Board by BestWebSoft <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via $_GET Array Storage

The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.1. This is due to the plugin storing the entire unsanitized $GET superglobal array directly into the database via updateusermeta when users save search results,...

6.1CVSS4.9AI score0.00224EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/11/25 7:28 a.m.11 views

CVE-2025-13383 Job Board by BestWebSoft <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via $_GET Array Storage

The Job Board by BestWebSoft plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.2.1. This is due to the plugin storing the entire unsanitized $GET superglobal array directly into the database via updateusermeta when users save search results,...

6.1CVSS0.00224EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/11/25 7:27 a.m.9 views

WordPress Job Board by BestWebSoft plugin <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting via $_GET Array Storage vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting via $GET Array Storage vulnerability discovered by Jamshed Yergashvoyev CVE Guy - Turan Security in WordPress Plugin Job Board by BestWebSoft versions = 1.2.1...

6.1CVSS6AI score0.00224EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.7 views

WordPress plugin Job Board by BestWebSoft 跨站脚本漏洞

WordPress Job Board by BestWebSoft plugin is WordPress plugin for creating and managing job posting features. The WordPress Job Board by BestWebSoft plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...

6.1CVSS6AI score0.00224EPSS
Exploits0References5
Rows per page
Query Builder