CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

52 matches found

Patchstack•added 2026/04/29 2:41 p.m.•2 views

WordPress Advanced Form Integration plugin <= 1.126.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Idan Vaknin in WordPress Plugin Advanced Form Integration versions = 1.126.12...

5.8AI score

Exploits0Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-55586

Malicious code in bioql PyPI...

7.6CVSS7.7AI score0.00139EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-53090

Malicious code in bioql PyPI...

5.9CVSS8.7AI score0.00137EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-40229

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00123EPSS

Exploits0References1

Vulnrichment•added 2025/10/01 3:25 a.m.•1 views

CVE-2025-10735 Block For Mailchimp – Easy Mailchimp Form Integration <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery

The Block For Mailchimp – Easy Mailchimp Form Integration plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.12 via the mcbSubmitFormData. This makes it possible for unauthenticated attackers to make web requests to arbitrary location...

4CVSS5.6AI score0.00082EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 6:59 a.m.•3 views

CVE-2024-56293

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Nasir Ahmed Advanced Form Integration advanced-form-integration allows Stored XSS.This issue affects Advanced Form Integration: from n/a through = 1.95.0...

5.9CVSS7.2AI score0.00137EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 6:57 a.m.•5 views

CVE-2024-43340

Cross-Site Request Forgery CSRF vulnerability in Nasirahmed Advanced Form Integration.This issue affects Advanced Form Integration: from n/a through 1.89.4...

4.3CVSS7AI score0.00123EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:44 a.m.•2 views

CVE-2023-50853

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nasirahmed Advanced Form Integration – Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms.This issue affects Advanced Form Integration – Connect WooCommerce and Contact For...

7.6CVSS7.8AI score0.00139EPSS

Exploits0References1

RedhatCVE•added 2025/05/09 3:25 p.m.•5 views

CVE-2025-47644

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through = 1.0.8...

4.7CVSS7.2AI score0.00173EPSS

Exploits0References1

Patchstack•added 2025/03/25 6:58 a.m.•0 views

WordPress AFI plugin < 1.100.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by aprilliar in WordPress Plugin Advanced Form Integration versions 1.100.0...

3.5CVSS6.1AI score0.00107EPSS

Exploits1References1Affected Software1

GithubExploit•added 2025/03/24 9:45 a.m.•89 views

Exploit for CVE-2024-2387

CVE-2024-2387 Advanced Form Integration – Connect WooCommerce...

6.1CVSS7.3AI score0.44805EPSS

Exploits2

NVD•added 2025/01/07 11:15 a.m.•2 views

CVE-2024-56293

5.9CVSS0.00137EPSS

Exploits0References1

CVE•added 2025/01/07 10:49 a.m.•32 views

CVE-2024-56293

CVE-2024-56293 affects AFI – The Easiest Integration Plugin (Advanced Form Integration) for WordPress. It is a Stored XSS via improper input neutralization during web page generation, affecting AFI versions up to 1.95.0. Root cause: insufficient sanitization of input. Remediation: patch released ...

5.9CVSS7.2AI score0.00137EPSS

Exploits0References1

Cvelist•added 2025/01/07 10:49 a.m.•13 views

CVE-2024-56293 WordPress AFI – The Easiest Integration Plugin <= 1.95.0 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00137EPSS

Exploits0References1

Vulnrichment•added 2025/01/07 10:49 a.m.•3 views

CVE-2024-56293 WordPress AFI – The Easiest Integration Plugin <= 1.95.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in nasirahmed Advanced Form Integration allows Stored XSS.This issue affects Advanced Form Integration: from n/a through 1.95.0...

5.9CVSS6.8AI score0.00137EPSS

Exploits0References1

Positive Technologies•added 2025/01/07 12:0 a.m.•1 views

PT-2025-3256 · Unknown · Advanced Form Integration

Name of the Vulnerable Software and Affected Versions: Advanced Form Integration versions 1.95.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows stored XSS. Recommendations: For Advanc...

5.9CVSS9.3AI score0.00137EPSS

Exploits0References3

CNNVD•added 2025/01/07 12:0 a.m.•1 views

WordPress plugin Advanced Form Integration 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9CVSS7.6AI score0.00137EPSS

Exploits0References1

Patchstack•added 2025/01/03 12:17 p.m.•0 views

WordPress AFI – The Easiest Integration Plugin <= 1.95.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by b4orvn Patchstack Alliance in WordPress Plugin Advanced Form Integration versions = 1.95.0...

5.9CVSS6.1AI score0.00137EPSS

Exploits0Affected Software1

Vulnrichment•added 2024/11/16 3:20 a.m.•14 views

CVE-2024-6628 EleForms – All In One Form Integration including DB for Elementor <= 2.9.9.9 - Cross-Site Request Forgery

The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9. This is due to missing or incorrect nonce validation when deleting form submissions. This makes it possible for...

4.3CVSS6.5AI score0.00207EPSS

Exploits0References2

CVE•added 2024/11/16 3:20 a.m.•56 views

CVE-2024-6628

CVE-2024-6628 : EleForms – All In One Form Integration including DB for Elementor (WordPress) is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to 2.9.9.9 due to missing/incorrect nonce validation when deleting form submissions. This enables unauthenticated attackers to cause ...

4.3CVSS4.2AI score0.00207EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by