Lucene search
K

7 matches found

CVE
CVE
added 2025/07/02 2:3 a.m.32 views

CVE-2025-5692

The CVE-2025-5692 entry concerns the WordPress plugin Lead Form Data Collection to CRM (versions up to and including 3.1). It states a missing capability check in multiple functions within LB_admin_ajax.php (notably doFieldAjaxAction), allowing authenticated users with Subscriber-level access and...

6.3CVSS6.9AI score0.00207EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.3 views

PT-2025-27582 · WordPress · Lead Form Data Collection To Crm

Name of the Vulnerable Software and Affected Versions: Lead Form Data Collection to CRM plugin for WordPress versions up to, and including, 3.1 Description: The issue allows unauthorized modification of data, leading to privilege escalation due to a missing capability check on the doFieldAjaxActi...

8.8CVSS7AI score0.00207EPSS
Exploits0References9
Packet Storm News
Packet Storm News
added 2025/06/20 12:0 a.m.9 views

Tracker Installations Are Not Created Equal: Understanding Tracker Configuration of Form Data Collection

Targeted advertising is fueled by the comprehensive tracking of users' online activity. As a result, advertising companies, such as Google and Meta, encourage website administrators to not only install tracking scripts on their websites but configure them to automatically collect users' Personall...

6.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/25 1:19 p.m.12 views

CVE-2025-47690

Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through = 3.1...

8.8CVSS7.2AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2025/05/23 1:15 p.m.10 views

CVE-2025-47690

Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through = 3.1...

8.8CVSS0.00298EPSS
Exploits0References1
CVE
CVE
added 2025/05/23 12:43 p.m.60 views

CVE-2025-47690

The CVE-2025-47690 entry concerns the WordPress plugin Lead Form Data Collection to CRM. A missing authorization check in the plugin’s AJAX handling (LB_admin_ajax.php) affects all versions up to 3.1, enabling authenticated users with Subscriber-level access and above to perform privileged action...

8.8CVSS7.2AI score0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/27 10:54 a.m.12 views

CVE-2025-30810 WordPress Lead Form Data Collection to CRM plugin <= 3.0.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Blind SQL Injection.This issue affects Lead Form Data Collection to CRM: from n/a through = 3.0.1...

8.5CVSS0.00412EPSS
Exploits0References1
Rows per page
Query Builder