CVE-2025-60174 WordPress WP Gravity Forms Constant Contact plugin plugin <= 1.1.2 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...

CVE-2025-60090 WordPress WP Gravity Forms Insightly plugin <= 1.1.6 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...

CVE-2025-60091 WordPress WP Gravity Forms Zoho CRM and Bigin plugin <= 1.2.9 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...

CVE-2025-60089 WordPress WP Gravity Forms FreshDesk plugin plugin <= 1.3.5 - Deserialization of untrusted data vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through = 1.3.5...

CVE-2025-60090

CVE-2025-60090 affects the WordPress plugin “WP Gravity Forms Insightly” (GF-Insightly) for CRM Perks, with affected versions from unspecified n/a up to and including 1.1.6. The issue is a deserialization of untrusted data that allows Object Injection . The CVSS 3.1 base metrics indicate a CRITIC...

CVE-2025-60089

CVE-2025-60089 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WP Gravity Forms FreshDesk Plugin gf-freshdesk (versions n/a through 1.3.5). The underlying issue is object injection via untrusted data during deserialization, as stated in multiple sources. The CV...

CVE-2025-60091

CVE-2025-60091 describes a deserialization of untrusted data vulnerability in the WordPress plugin gf-zoho (also affecting Gravity Forms Zoho CRM and Bigin) up to version 1.2.9. The underlying issue is an object‑injection risk arising from deserialization in this plugin, which leads to potential ...

CVE-2025-60174

CVE-2025-60174 affects the WordPress plugin WP Gravity Forms Constant Contact Plugin gf-constant-contact (versions from unspecified n/a up to and including 1.1.2). The vulnerability is described as a Deserialization of Untrusted Data issue that allows Object Injection. Core details provided acros...

EUVD-2025-204104

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through = 6.3.1...

CVE-2025-60080 WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through = 6.5.0...

CVE-2025-60084 WordPress PDF for Elementor Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Object Injection.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through = 6.5.0...

CVE-2025-60080 WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through = 6.5.0...

CVE-2025-60084

CVE-2025-60084 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder. The issue enables Object Injection through untrusted data deserialization in the add-ons.org plugin, with affected versions reported as up t...

CVE-2025-60080

CVE-2025-60080 affects the WordPress plugin PDF for Gravity Forms + Drag And Drop Template Builder (versions n/a to 6.3.0, with related notices in other feeds). Root cause is Deserialization of Untrusted Data leading to Object Injection. This vulnerability is described across multiple sources (Re...

CVE-2025-11924

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.13.2. This is due to the plugin not properly verifying that a user is authorized before the ninja-forms-views REST endpoints...

CVE-2025-13861

The HTML Forms – Simple WordPress Forms Plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to and including 1.6.0 due to insufficient sanitization of fabricated file upload field metadata before displaying it in the WordPress admin dashboard. This...

PT-2025-52148

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...

PT-2025-52149

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...

PT-2025-52147

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...

PT-2025-52150

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...