3 matches found
CVE-2025-7638
creationtimestamp| type| source ---|---|--- 2025-07-18 08:50:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lua2vikng42l...
CVE-2025-7638
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to time-based SQL Injection via the orderby parameter in all versions up to, and including, 1.45.0 due to insufficient escaping on the user supplied parameter and lack of sufficient...
CVE-2025-7638
CVE-2025-7638 affects the WordPress plugin Forminator Forms – Contact Form, Payment Form & Custom Form Builder (versions up to and including 1.45.0). The root cause is insufficient escaping and lack of proper SQL query preparation for the user-supplied parameter in the internal query, enabling a ...