Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

469 matches found

Patchstack
Patchstackadded 2015/05/15 12:0 a.m.8 views

WordPress A Forms Plugin <= 1.4.0 - Cross Site Request Forgery

This plugin is prone to a cross site request forgery vulnerability. Solution Update the plugin...

2.6AI score
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2015/05/15 12:0 a.m.7 views

WordPress TDO Mini Forms Plugin <= 0.13.9 - Remote Code Execution

This plugin is prone to a remote code execution in tdomf-upload-inline.php. Solution Update the plugin...

2.6AI score
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2015/05/15 12:0 a.m.8 views

WordPress A Forms Plugin <= 1.4.0 - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability via: a-forms.php addfieldtosection function multiple parameter, a-forms.php aforminitialpage function multiple parameter, a-forms.php aformpage function multiple parameter, a-forms.php aformsectionpage Function message parameter,...

2.5AI score
Exploits0References1Affected Software1
NVD
NVDadded 2015/03/05 4:59 p.m.16 views

CVE-2015-2220

Multiple cross-site scripting XSS vulnerabilities in the Ninja Forms plugin before 2.8.9 for WordPress allow 1 remote attackers to inject arbitrary web script or HTML via the ninjaformsfield1 parameter in a ninjaformsajaxsubmit action to wp-admin/admin-ajax.php or 2 remote administrators to injec...

4.3CVSS5.8AI score0.02041EPSS
Exploits1References4
Prion
Prionadded 2015/03/05 4:59 p.m.16 views

Code injection

Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users...

7.5CVSS7.2AI score0.02017EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2014/12/19 12:0 a.m.11 views

WordPress Live Forms Plugin <= 1.2.0 - Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability, because form input fields on blog front-end are not filtered. The attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

1.7AI score
Exploits0References1Affected Software1
Packet Storm
Packet Stormadded 2014/10/09 12:0 a.m.33 views

Wordpress InfusionSoft Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress InfusionSoft Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the wordpress...

7.5CVSS6.5AI score0.46174EPSS
Exploits8
CVE
CVEadded 2014/09/26 9:0 p.m.58 views

CVE-2014-6446

CVE-2014-6446 affects the WordPress Infusionsoft Gravity Forms Add-on. The vulnerability exists in versions 1.5.3–1.5.10 and stems from improper access restriction, enabling remote attackers to upload arbitrary files and execute PHP code via a request to utilities/code_generator.php. Affected sof...

7.5CVSS7.7AI score0.46174EPSS
Exploits8References5Affected Software1
WPVulnDB
WPVulnDBadded 2014/08/01 10:59 a.m.5 views

A Forms 1.4.0 - a-forms.php a_form_shortcode Function Multiple Parameter XSS

The A Forms WordPress plugin was affected by an a-forms.php aformshortcode Function Multiple Parameter XSS security vulnerability...

2.3AI score
Exploits0Affected Software1
Rows per page
Query Builder