CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-3954

Malware in sbrugna...

4.3CVSS6.1AI score0.0079EPSS

Exploits3References8

RedhatCVE•added 2025/09/28 6:52 a.m.•5 views

CVE-2025-9898

The cForms – Light speed fast Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.0. This is due to missing or incorrect nonce validation on the cformsapi function. This makes it possible for unauthenticated attackers to modify...

4.3CVSS5.2AI score0.00014EPSS

Exploits0References1

Patchstack•added 2025/09/27 12:56 a.m.•3 views

WordPress cForms – Light speed fast Form Builder plugin <= 3.0.0 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Nabil Irawan in WordPress Plugin cForms versions = 3.0.0...

4.3CVSS6.8AI score0.00014EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/09/27 12:0 a.m.•1 views

WordPress plugin cForms 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

4.3CVSS6.4AI score0.00014EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 5:28 a.m.•1 views

CVE-2023-25449

Cross-Site Request Forgery CSRF vulnerability in Oliver Seidel, Bastian Germann cformsII plugin = 15.0.4 versions...

8.8CVSS7AI score0.00094EPSS

Exploits0References1

Patchstack•added 2015/01/19 12:0 a.m.•59 views

WordPress Cforms Plugin 14.7 - Remote Code Execution

Cforms plugin is prone to a remote code execution vulnerability, because of script does not check remotely cached files properly. Also, it can attack URL. Solution Upgrade the plugin...

7.5CVSS2.2AI score0.39353EPSS

Exploits0References1Affected Software1

Japan Vulnerability Notes•added 2012/02/15 8:14 a.m.•4 views

cforms II vulnerable to cross-site scripting

Overview cforms II contains a cross-site scripting vulnerability. cforms II provided by delicious days is a plugin for WordPress. cforms II contains a cross-site scripting vulnerability. Kousuke Ebihara and Yuya Watanabe of Tejimaya.inc reported this vulnerability to IPA. JPCERT/CC coordinated wi...

4.3CVSS6.1AI score0.0079EPSS

Exploits3References5

Check Point Advisories•added 2010/11/14 12:0 a.m.•3 views

Preemptive Protection against WordPress cforms Plugin Cross-Site Scripting (XSS) Vulnerability

A cross-site scripting XSS vulnerability has been reported in the cforms plugin for WordPress. cforms is a highly customizable, flexible and powerful form builder plugin, covering a variety of use cases and features from attachments to multi-form management. A remote attacker may exploit this...

4.3CVSS5.4AI score0.0079EPSS

Exploits3

WPVulnDB•added 2010/11/01 12:0 a.m.•26 views

Cforms <= 13.1 - 'lib_ajax.php' Cross-Site Scripting (XSS)

The cforms plugin has a XSS vulnerability in file libajax.php with rs and rsargs parameters. It is fixed in version 13.2. The cforms2 fork was forked at 14.6, so it is not affected...

4.3CVSS2.7AI score0.0079EPSS

Exploits3References3Affected Software1

Positive Technologies•added 2008/02/04 12:0 a.m.•3 views

PT-2008-2186 · Oliver Seidel · Cforms

Name of the Vulnerable Software and Affected Versions: cforms contactforms versions prior to 7.3 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter in the cforms-css.php file. This is a PHP remote file inclusion vulnerability in the Oliver...

6.8CVSS7.9AI score0.00733EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by