WordPress plugin WP Subscription Forms PRO 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-39608

Name of the Vulnerable Software and Affected Versions WP Subscription Forms PRO versions through 2.0.5 Description An authorization issue exists in WP Subscription Forms PRO, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update WP Subscription...

Fortra FileCatalyst 5.1.6 < 5.2.0 build 130 Unrestricted File Upload (fi-2025-010)

The version of Fortra FileCatalyst Workflow running on the remote host is 5.1.6 prior to 5.2.0 build 130. It is, therefore, is affected by a unrestricted file upload vulnerability as referenced in fi-2025-010 advisory. - Improper Access Control issue in the Workflow component of Fortra's...

CVE-2025-58006

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Phishing.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.6...

CVE-2025-59549

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fatcatapps GetResponse Forms getresponse allows Stored XSS.This issue affects GetResponse Forms: from n/a through = 2.6.0...

CVE-2025-57933

Cross-Site Request Forgery CSRF vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Cross Site Request Forgery.This issue affects Piotnet Forms: from n/a through = 1.0.30...

CVE-2025-59549

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fatcatapps GetResponse Forms getresponse allows Stored XSS.This issue affects GetResponse Forms: from n/a through = 2.6.0...

CVE-2025-58006

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Phishing.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.6...

CVE-2025-57933

Cross-Site Request Forgery CSRF vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Cross Site Request Forgery.This issue affects Piotnet Forms: from n/a through = 1.0.30...

WordPress Piotnet Forms Plugin <= 1.0.30 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin Piotnet Forms versions = 1.0.30...

WordPress WP Gravity Forms Keap/Infusionsoft plugin <= 1.2.6 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Bonds in WordPress Plugin WP Gravity Forms Keap/Infusionsoft versions = 1.2.6...

WordPress GetResponse Forms Plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin GetResponse Forms versions = 2.6.0...

CVE-2025-59549 WordPress GetResponse Forms Plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fatcatapps GetResponse Forms allows Stored XSS. This issue affects GetResponse Forms: from n/a through 2.6.0...

CVE-2025-59549

CVE-2025-59549 is a stored XSS in GetResponse Forms by Optin Cat for WordPress, affecting plugin versions up to 2.6.0. Root cause: improper neutralization of input during web page generation. Impact is cross-site scripting when an attacker injects malicious input; exploit details are not provided...

CVE-2025-59549 WordPress GetResponse Forms Plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fatcatapps GetResponse Forms getresponse allows Stored XSS.This issue affects GetResponse Forms: from n/a through = 2.6.0...

CVE-2025-57933 WordPress Piotnet Forms Plugin <= 1.0.30 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in piotnetdotcom Piotnet Forms allows Cross Site Request Forgery. This issue affects Piotnet Forms: from n/a through 1.0.30...

CVE-2025-57933 WordPress Piotnet Forms Plugin <= 1.0.30 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Cross Site Request Forgery.This issue affects Piotnet Forms: from n/a through = 1.0.30...

CVE-2025-57933

Technical details of CVE-2025-57933 are not provided in the connected documents. The initial description notes a CSRF issue in Piotnet Forms affecting versions from n/a to 1.0.30; monitor for official vendor advisories or patches for specifics.

CVE-2025-58006 WordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.4 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft allows Phishing. This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through 1.2.4...

CVE-2025-58006 WordPress WP Gravity Forms Keap/Infusionsoft plugin <= 1.2.6 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Phishing.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.6...