96 matches found
EUVD-2023-51362
Malicious code in bioql PyPI...
EUVD-2023-39087
Malicious code in bioql PyPI...
EUVD-2023-32416
Malicious code in bioql PyPI...
EUVD-2024-26156
Malicious code in bioql PyPI...
EUVD-2025-16689
Malicious code in bioql PyPI...
EUVD-2023-32424
Malicious code in bioql PyPI...
EUVD-2024-28469
Malicious code in bioql PyPI...
CVE-2025-49069
Cross-Site Request Forgery CSRF vulnerability in cimatti Contact Forms by Cimatti contact-forms allows Cross Site Request Forgery.This issue affects Contact Forms by Cimatti: from n/a through = 1.9.8...
CVE-2025-49069
Cross-Site Request Forgery CSRF vulnerability in cimatti Contact Forms by Cimatti contact-forms allows Cross Site Request Forgery.This issue affects Contact Forms by Cimatti: from n/a through = 1.9.8...
CVE-2025-49069 WordPress Contact Forms by Cimatti plugin <= 1.9.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in cimatti Contact Forms by Cimatti contact-forms allows Cross Site Request Forgery.This issue affects Contact Forms by Cimatti: from n/a through = 1.9.8...
CVE-2025-49069
CVE-2025-49069 is a CSRF vulnerability in the WordPress plugin Contact Forms by Cimatti . Affected: Cimatti Contact Forms for WordPress, versions from n/a through 1.9.8. Root cause: Cross‑Site Request Forgery. Impact: as described in sources, but no exploit specifics provided here. Public details...
WordPress Contact Forms by Cimatti plugin <= 1.9.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Shivam Khanna Patchstack Alliance in WordPress Plugin Contact Forms by Cimatti versions = 1.9.8...
WordPress plugin Contact Forms by Cimatti 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress...
CVE-2024-30549
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cimatti Contact Forms by Cimatti contact-forms.This issue affects Contact Forms by Cimatti: from n/a through = 1.8.0...
CVE-2024-10521
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on the processbulkaction function. This makes it possible for unauthenticated attackers to dele...
CVE-2024-12184
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accuaformsdownloadsubmittedfile function in all versions up to, and including, 1.9.4. This makes it possible for unauthenticated attackers to download...
CVE-2023-28789
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin = 1.5.4 versions...
CVE-2023-28781
Unauth. Stored Cross-Site Scripting XSS vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin = 1.5.4 versions...
CVE-2023-47230
Cross-Site Request Forgery CSRF vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin = 1.6.0 versions...
CVE-2023-35051
Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti: from n/a through 1.5.7...