Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-50978

Malicious code in bioql PyPI...

6.1CVSS8.7AI score0.00347EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.9 views

CVE-2024-12587

The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS6.1AI score0.00347EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/01/13 6:54 a.m.2 views

WordPress Contact Form Master plugin <= 1.0.7 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Contact Form Master – by Edmon versions = 1.0.7...

6.1CVSS6.4AI score0.00347EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/01/11 6:15 a.m.10 views

CVE-2024-12587

The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS0.00347EPSS
Exploits1References1
OSV
OSV
added 2025/01/11 6:15 a.m.3 views

CVE-2024-12587

The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1CVSS5.8AI score0.00347EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/11 6:0 a.m.14 views

CVE-2024-12587 Contact Form Master <= 1.0.7 - Reflected XSS

The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

0.00347EPSS
Exploits1References1
CVE
CVE
added 2025/01/11 6:0 a.m.48 views

CVE-2024-12587

The CVE CVE-2024-12587 affects the WordPress plugin Contact Form Master (≤1.0.7). Description: it does not sanitize/escape a parameter before outputting it, enabling a Reflected Cross-Site Scripting that could target admin-level users. Connected sources corroborate the Reflected XSS vector and th...

6.1CVSS5.8AI score0.00347EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/11 6:0 a.m.6 views

CVE-2024-12587 Contact Form Master <= 1.0.7 - Reflected XSS

The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.1AI score0.00347EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/01/11 12:0 a.m.3 views

PT-2025-1902 · WordPress · Contact Form Maker

The vulnerable software is the Contact Form Master WordPress plugin, with versions up to 1.0.7 being affected. The vulnerability is a Reflected Cross-Site Scripting XSS vulnerability, which occurs because the plugin does not sanitize and escape a parameter before outputting it back in the page...

6.1CVSS8.2AI score0.00347EPSS
Exploits1References7
CNNVD
CNNVD
added 2025/01/11 12:0 a.m.3 views

WordPress plugin Contact Form Master 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

6.1CVSS7.9AI score0.00347EPSS
Exploits1References1
Rows per page
Query Builder