3 matches found
EUVD-2024-47851
Malicious code in bioql PyPI...
CVE-2024-13498 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...
PT-2023-30518 · Unknown · Guest Entries
Name of the Vulnerable Software and Affected Versions: Guest Entries versions prior to 3.1.2 Description: The file uploads feature in Guest Entries did not prevent the upload of PHP files, which may lead to code execution on the server by authenticated users. Recommendations: For versions prior t...