49 matches found
CVE-2014-10392
The cforms2 plugin before 10.2 for WordPress has XSS...
Cross site scripting
The cforms2 plugin before 10.2 for WordPress has XSS...
CVE-2014-10392
The CVE-2014-10392 entry concerns the WordPress cforms2 plugin, specifically versions before 10.2, which are affected by a cross-site scripting (XSS) vulnerability. The vulnerability is due to an XSS flaw in the plugin’s handling of input, allowing an attacker to inject and execute client-side sc...
CVE-2014-10392
The cforms2 plugin before 10.2 for WordPress has XSS...
CVE-2017-18570
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries...
CVE-2015-9333
The cforms2 plugin before 14.6.10 for WordPress has SQL injection...
Sql injection
The cforms2 plugin before 14.6.10 for WordPress has SQL injection...
Sql injection
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries...
CVE-2015-9333
The cforms2 plugin before 14.6.10 for WordPress has SQL injection...
CVE-2015-9333
CVE-2015-9333 affects WordPress cforms2 plugin versions prior to 14.6.10, with a SQL injection vulnerability in the plugin’s handling of inputs. Impact per sources includes the ability to execute illegal SQL commands (high severity). Remediation: upgrade to version 14.6.10 or later; no exploitati...
CVE-2017-18570
CVE-2017-18570 affects the WordPress plugin cforms2 prior to version 14.13. The vulnerability is an SQL injection in the tracking database GUI triggered via Delete Entries or Download Entries, enabling an attacker to manipulate the database. Reported CVSS details show high/severe impact (CVSSv3: ...
PT-2019-7292 · WordPress · Cforms2
Name of the Vulnerable Software and Affected Versions: cforms2 plugin versions prior to 14.6.10 Description: The issue is related to SQL injection. Recommendations: For versions prior to 14.6.10, update to version 14.6.10 or later to resolve the issue...
CVE-2017-18559
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
CVE-2017-18559
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
CVE-2014-10377
The cforms2 plugin before 13.2 for WordPress has XSS in libajax.php...
Design/Logic Flaw
The cforms2 plugin before 13.2 for WordPress has XSS in libajax.php...
Cross site scripting
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
CVE-2017-18559
The CVE-2017-18559 entry concerns the WordPress plugin cforms2. Affected: cforms2 plugin versions prior to 14.13.3. Vulnerability: multiple cross-site scripting (XSS) issues in the plugin. Impact: allows injection of client-side scripts, as described in connected sources. Root cause details are n...
CVE-2017-18559
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
CVE-2014-10377
CVE-2014-10377 affects the WordPress plugin cforms2 (before 13.2). The vulnerability is an XSS in lib_ajax.php within the cforms2 component. The issue allows injection of crafted data leading to potential client-side code execution and partial integrity impact per CVSS 3.1 metrics, with network a...