CVE-2025-11991 JetFormBuilder <= 3.5.3 - Missing Authorization to Unauthenticated Form Generation

The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the runcallback function in all versions up to, and including, 3.5.3. This makes it possible for unauthenticated attackers to generate form...

EUVD-2023-37382

Malicious code in bioql PyPI...

CVE-2023-33212

Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...

CVE-2023-33212

Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...

CVE-2023-33212

CVE-2023-33212 : Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin with version &lt;= 3.0.6 contains a CSRF vulnerability (unauthenticated). The issue is mitigated by upgrading to version 3.0.7 or later. Multiple sources confirm the vulnerability details and patch, e.g., PatchStack n...

WordPress plugin JetFormBuilder — Dynamic Blocks Form Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2023-24223 · Crocoblock · Crocoblock Jetformbuilder

Name of the Vulnerable Software and Affected Versions: Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin versions 3.0.6 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into...

webpack-subresource-integrity data forgery issue vulnerability

webpack-subresource-integrity is a personal developer's npm extension for website static file security. The library generates an encrypted hash code that can be used to verify that files fetched by the browser e.g. from a CDN are secure. A webpack plugin vulnerability exists in versions prior to...