19 matches found
EUVD-2025-9888
Malicious code in bioql PyPI...
EUVD-2024-45871
Malicious code in bioql PyPI...
EUVD-2025-21634
Malicious code in bioql PyPI...
EUVD-2025-17158
Malicious code in bioql PyPI...
CVE-2025-52777
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows Reflected XSS.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-52777
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows Reflected XSS.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
PT-2025-29812 · Unknown · Cmsminds Pay With Contact Form 7
Name of the Vulnerable Software and Affected Versions: cmsMinds Pay with Contact Form 7 versions through 1.0.4 Description: The software contains a Reflected Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the injection of malicio...
CVE-2025-24772
Cross-Site Request Forgery CSRF vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows Cross Site Request Forgery.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-24772
Cross-Site Request Forgery CSRF vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows Cross Site Request Forgery.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-24772 WordPress Pay with Contact Form 7 plugin <= 1.0.4 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery CSRF vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows Cross Site Request Forgery.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-24772
CVE-2025-24772 describes a CSRF vulnerability in cmsMinds Pay with Contact Form 7 (Pay with Contact Form 7: from n/a through 1.0.4). The connected Red Hat entry confirms the CSRF issue but provides no additional technical details or patch information beyond the description, so no remediation deta...
PT-2025-24114 · Unknown · Cmsminds Pay With Contact Form 7
Name of the Vulnerable Software and Affected Versions: cmsMinds Pay with Contact Form 7 versions 1.0.0 through 1.0.4 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows an attacker to perform unauthorized actions on a user's account. This is a type of attack...
CVE-2025-32126
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows SQL Injection.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-32126
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows SQL Injection.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-32126 WordPress Pay with Contact Form 7 Plugin <= 1.0.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows SQL Injection.This issue affects Pay with Contact Form 7: from n/a through = 1.0.4...
CVE-2025-32126
The CVE CVE-2025-32126 affects the WordPress plugin Pay with Contact Form 7 by cmsMinds. It is an SQL Injection vulnerability caused by improper neutralization of input in SQL commands, affecting versions from n/a up to 1.0.4. The CVSS indicates high impact on confidentiality (C) but no impact on...
PT-2025-14918 · Unknown · Cmsminds Pay With Contact Form 7
Name of the Vulnerable Software and Affected Versions: cmsMinds Pay with Contact Form 7 versions 1.0.0 through 1.0.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
CVE-2024-52376
Unrestricted Upload of File with Dangerous Type vulnerability in cmsMinds Boat Rental Plugin for WordPress boat-rental-system allows Upload a Web Shell to a Web Server.This issue affects Boat Rental Plugin for WordPress: from n/a through = 1.0.1...
CVE-2024-52376
CVE-2024-52376 is an Unrestricted/Arbitrary File Upload vulnerability in the WordPress plugin “Boat Rental Plugin for WordPress” (cmsMinds), affecting versions up to 1.0.1. The issue allows uploading a web shell to the web server, representing a critical risk (CVSS v3.1 base score 10.0; NETWORK, ...