89 matches found
CVE-2026-27937 October: Reflected XSS via DataTable Form Widget
October is a Content Management System CMS and web platform. Prior to 3.7.16 and 4.1.16, a reflected Cross-Site Scripting XSS vulnerability was identified in the backend DataTable widget where a query parameter was rendered without proper output escaping. This vulnerability is fixed in 3.7.16 and...
CVE-2025-62134
Cross-Site Request Forgery CSRF vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through = 1.5.1...
CVE-2025-62134
Cross-Site Request Forgery CSRF vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through = 1.5.1...
CVE-2025-62134
Technical details for CVE-2025-62134 are not publicly provided in the supplied documents. Monitor for updates.
EUVD-2025-205955
Cross-Site Request Forgery CSRF vulnerability in A WP Life Contact Form Widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through 1.5.1...
CVE-2025-62134 WordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through = 1.5.1...
CVE-2025-62134 WordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in A WP Life Contact Form Widget new-contact-form-widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through = 1.5.1...
WordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Contact Form Widget versions = 1.5.1...
PT-2025-54337
Name of the Vulnerable Software and Affected Versions A WP Life Contact Form Widget versions through 1.5.1 Description A Cross-Site Request Forgery CSRF issue exists in A WP Life Contact Form Widget. This allows attackers to perform actions on behalf of authenticated users without their knowledge...
WordPress plugin Contact Form Widget 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
EUVD-2019-7543
Malware in sbrugna...
EUVD-2024-35024
Malicious code in bioql PyPI...
EUVD-2025-13831
Malicious code in bioql PyPI...
EUVD-2025-21415
Malicious code in bioql PyPI...
EUVD-2024-42909
Malicious code in bioql PyPI...
EUVD-2025-21413
Malicious code in bioql PyPI...
CVE-2025-7341
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the tempfiledelete function in all versions up to, and including, 2.2.1. This makes it possible for...
CVE-2025-7360
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation in the handlefilesupload function in all versions up to, and including, 2.2.1. This makes it possible for...
CVE-2025-7360
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation in the handlefilesupload function in all versions up to, and including, 2.2.1. This makes it possible for...
CVE-2025-7341
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the tempfiledelete function in all versions up to, and including, 2.2.1. This makes it possible for...