EUVD-2023-50336

Malicious code in bioql PyPI...

EUVD-2025-11989

Malicious code in bioql PyPI...

CVE-2025-46529

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...

WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Business Contact Widget versions = 2.7.0...

CVE-2025-46529

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...

CVE-2025-46529 WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...

CVE-2025-46529 WordPress Business Contact Widget plugin <= 2.7.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in StressFree Sites Business Contact Widget business-contact-widget allows Stored XSS.This issue affects Business Contact Widget: from n/a through = 2.7.0...

CVE-2025-46529

CVE-2025-46529 describes a stored XSS in the StressFree Sites Business Contact Widget (WordPress plugin) caused by improper input neutralization during web page generation. Affected versions are n/a through 2.7.0. Mitigation: upgrade the widget to a version later than 2.7.0 (exact fixed version n...

WordPress plugin Business Contact Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

PT-2025-17831 · Unknown · Stressfree Sites Business Contact Widget

Name of the Vulnerable Software and Affected Versions: StressFree Sites Business Contact Widget versions n/a through 2.7.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...

WordPress Contact Form and Calls To Action by vcita plugin <= 2.7.1 - Missing Authorization to Authenticated (Subscriber+) Contact/Widget Toggle vulnerability

Missing Authorization to Authenticated Subscriber+ Contact/Widget Toggle vulnerability discovered by yudha in WordPress Plugin Contact Form and Calls To Action by vcita versions = 2.7.1...

CVE-2024-35747

Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7...

CVE-2024-35747 WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7...

CVE-2024-35747

CVE-2024-35747 affects WordPress plugin Contact Form Builder/Contact Widget (wpdevart) and is described as Improper Restriction of Excessive Authentication Attempts, enabling an Authentication/Functionality Bypass. Affected versions are from n/a through 2.1.7. The available documents confirm the ...

CVE-2024-35747 WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7...

WordPress plugin Contact Form Builder, Contact Widget security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Contact Form Builder, Contact Widget versions = 2.1.7...

WordPress Contact Form Builder, Contact Widget Plugin <= 2.1.7 is vulnerable to Bypass Vulnerability

Software Contact Form Builder, Contact Widget Type Plugin Vulnerable versions = 2.1.7 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-35747 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8b7cdb65512f Credits Joshua Chan...

CVE-2023-46075

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...