CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8170 matches found

Cvelist•added 2025/11/06 3:54 p.m.•8 views

CVE-2025-60197 WordPress Simple Contact Forms plugin <= 1.6.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows PHP Local File Inclusion.This issue affects Simple Contact Forms: from n/a through = 1.6.4...

8.1CVSS0.0035EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:54 p.m.•2 views

CVE-2025-60197 WordPress Simple Contact Forms plugin <= 1.6.4 - Local File Inclusion vulnerability

8.1CVSS6.7AI score0.0035EPSS

Exploits0References1

CVE•added 2025/11/06 3:54 p.m.•7 views

CVE-2025-60197

CVE-2025-60197 refers to a Local File Inclusion in the WordPress plugin Simple Contact Forms (owner: owenr88) version <= 1.6.4, caused by improper control of the filename in include/require statements. Affected product/component: WordPress plugin Simple Contact Forms; vulnerability type: PHP L...

8.1CVSS6.7AI score0.0035EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:54 p.m.•7 views

CVE-2025-58636 WordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.3 - Deserialization of untrusted data Vulnerability

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.3...

9.8CVSS0.004EPSS

Exploits0References1

EUVD•added 2025/11/06 3:54 p.m.•3 views

EUVD-2025-38140

6.5AI score0.004EPSS

Exploits0References2

Vulnrichment•added 2025/11/06 3:54 p.m.•5 views

CVE-2025-58636 WordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.3 - Deserialization of untrusted data Vulnerability

6.6AI score0.004EPSS

Exploits0References1

CVE•added 2025/11/06 3:54 p.m.•10 views

CVE-2025-58636

The CVE describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WP Gravity Forms Keap/Infusionsoft (gf-infusionsoft) affecting versions from n/a up to and including 1.2.3. The root cause is object injection via unsafe deserialization. According to the public records, t...

9.8CVSS6.6AI score0.004EPSS

Exploits0References1

EUVD•added 2025/11/06 3:53 p.m.•2 views

EUVD-2025-38007

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through = 1.1.6...

5.9AI score0.00182EPSS

Exploits0References2

Cvelist•added 2025/11/06 3:53 p.m.•6 views

CVE-2025-49905 WordPress Range Slider Addon for Gravity Forms plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00182EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:53 p.m.•1 views

CVE-2025-49905 WordPress Range Slider Addon for Gravity Forms plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

7.1CVSS5.9AI score0.00182EPSS

Exploits0References1

CVE•added 2025/11/06 3:53 p.m.•6 views

CVE-2025-49905

CVE-2025-49905 concerns the WordPress plugin Range Slider Addon for Gravity Forms (Plugin: range-slider-addon-for-gravity-forms) with an improper input neutralization that enables a Reflected XSS. Affected versions are Range Slider Addon for Gravity Forms

7.1CVSS6AI score0.00182EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:53 p.m.•8 views

CVE-2025-48330 WordPress Real Time Validation for Gravity Forms <= 1.7.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...

7.5CVSS0.00352EPSS

Exploits0References1

EUVD•added 2025/11/06 3:53 p.m.•3 views

EUVD-2025-38016

6.6AI score0.00352EPSS

Exploits0References2

Vulnrichment•added 2025/11/06 3:53 p.m.•1 views

CVE-2025-48330 WordPress Real Time Validation for Gravity Forms <= 1.7.0 - Local File Inclusion Vulnerability

7.5CVSS6.6AI score0.00352EPSS

Exploits0References1

CVE•added 2025/11/06 3:53 p.m.•16 views

CVE-2025-48330

CVE-2025-48330 concerns the WordPress plugin Real Time Validation for Gravity Forms, affecting versions

7.5CVSS6.7AI score0.00352EPSS

Exploits0References1

RedhatCVE•added 2025/11/06 3:11 a.m.•4 views

CVE-2025-8871

The Everest Forms Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of untrusted input in the mimecontenttype function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may ...

5.6CVSS7.2AI score0.00239EPSS

Exploits0References1

Positive Technologies•added 2025/11/06 12:0 a.m.•3 views

PT-2025-45205

7.1AI score0.00352EPSS

Exploits0References2

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45247

7AI score0.004EPSS

Exploits0References2

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45270

8.2CVSS7.1AI score0.0035EPSS

Exploits0References2

CNNVD•added 2025/11/06 12:0 a.m.•1 views

WordPress plugin Real Time Validation for Gravity Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

7.5CVSS6.5AI score0.00352EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by