Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-11975

Malware in sbrugna...

6.1CVSS6.1AI score0.02412EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-34908

Malicious code in bioql PyPI...

7.1CVSS7AI score0.0033EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50346

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00652EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/16 10:36 a.m.2 views

CVE-2025-54020 WordPress AntiSpam for Contact Form 7 plugin <= 0.6.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Erik AntiSpam for Contact Form 7 cf7-antispam allows Cross Site Request Forgery.This issue affects AntiSpam for Contact Form 7: from n/a through = 0.6.3...

5.4CVSS5.9AI score0.00124EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/17 9:21 a.m.39 views

CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

8.1CVSS0.0509EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:26 a.m.5 views

CVE-2024-12423

The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...

6.1CVSS6.4AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2024/05/02 4:51 p.m.76 views

CVE-2024-3585

CVE-2024-3585 describes a vulnerability in the Send PDF for Contact Form 7 plugin for WordPress. It permits unauthenticated access to form submissions (including PDFs) due to a missing capability check on the hooks function in all versions up to and including 1.0.2.3, enabling information exposur...

5.3CVSS5AI score0.00691EPSS
Exploits0References3
NVD
NVD
added 2024/02/23 7:15 a.m.26 views

CVE-2024-1779

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ztdcfcfchangestatus function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to alter t...

5.3CVSS5.1AI score0.00386EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/23 6:48 a.m.10 views

CVE-2024-1777 Admin side data storage for Contact Form 7 <= 1.1.1 - Cross-Site Request Forgery

The Admin side data storage for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the settings update function. This makes it possible for unauthenticated attackers t...

4.3CVSS6.6AI score0.00198EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/10/03 12:0 a.m.7 views

WordPress Redirection for Contact Form 7 Plugin <= 2.9.2 is vulnerable to Broken Access Control

Software Redirection for Contact Form 7 Type Plugin Vulnerable versions = 2.9.2 Fixed in 3.0.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-39920 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ca4cdb116544 Credits Nguyen Anh...

6.6AI score0.00608EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/07/10 4:15 p.m.27 views

CVE-2023-24395

Cross-Site Request Forgery CSRF vulnerability in Scott Paterson Contact Form 7 Redirect & Thank You Page plugin = 1.0.3 versions...

8.8CVSS6.5AI score0.00303EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/11 5:4 p.m.4 views

CVE-2021-36913 Redirection for Contact Form 7 <= 2.4.0 - Unauthenticated Options Change and Content Injection vulnerability

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin = 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension plugin AccessiBe...

7.5CVSS7.7AI score0.00527EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/11 5:4 p.m.23 views

CVE-2021-36913 Redirection for Contact Form 7 <= 2.4.0 - Unauthenticated Options Change and Content Injection vulnerability

Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin = 2.4.0 at WordPress allows attackers to change options and inject scripts into the footer HTML. Requires an additional extension plugin AccessiBe...

7.5CVSS7.9AI score0.00527EPSS
Exploits0References2
Rows per page
Query Builder