CVE-2025-58006

Technical details for CVE-2025-58006 are not provided in the supplied connected documents. No product/version/impact/fix data is present here; monitor for official advisories and updates.

WordPress plugin Piotnet Forms 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-38783

Name of the Vulnerable Software and Affected Versions Piotnet Forms versions through 1.0.30 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to perform actions on behalf of authenticated users. Recommendations Update Piotnet Forms to a version later...

PT-2025-38856

Name of the Vulnerable Software and Affected Versions CRM Perks WP Gravity Forms Keap/Infusionsoft versions through 1.2.4 Description The software contains a flaw that allows for redirection to untrusted sites, potentially enabling phishing attacks. This issue impacts the application's handling o...

WordPress plugin GetResponse Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...

WordPress plugin WP Gravity Forms Keap/Infusionsoft 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An input...

PT-2025-39034

Name of the Vulnerable Software and Affected Versions GetResponse Forms versions through 2.6.0 Description An issue exists in GetResponse Forms related to improper neutralization of input during web page generation, leading to a Stored Cross-Site Scripting XSS condition. The issue allows for the...

CVE-2025-9083

The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

Web-Vulnerability-Scanner

Web Application Vulnerability Scanner Internship Task - 2...

CVE-2025-9083

The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

CVE-2025-9083

The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

CVE-2025-9083

CVE-2025-9083 affects Ninja Forms for WordPress (pre-3.11.1). The vulnerability arises from unserializing user input in a form field, enabling unauthenticated PHP Object Injection when a suitable gadget exists on the blog. Remediation: upgrade Ninja Forms to version 3.11.1 or later (patched in so...

CVE-2025-9083 Ninja-forms < 3.11.1 - Unauthenticated PHP Objection

The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

CVE-2025-9083 Ninja-forms < 3.11.1 - Unauthenticated PHP Objection

The Ninja Forms WordPress plugin before 3.11.1 unserializes user input via form field, which could allow Unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

PT-2025-38301

Name of the Vulnerable Software and Affected Versions Ninja Forms WordPress plugin versions prior to 3.11.1 Description The Ninja Forms WordPress plugin is susceptible to PHP Object Injection due to the unserialization of user-supplied data through form fields. This allows unauthenticated users t...

WordPress plugin Ninja Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

@bubbles-ui/leemons (>=1.0.0 <=1.2.277), @imtf/rjsf-conditionals (=5.0.3) +3 more potentially affected by unknown CVE via json-rules-engine-simplified (>=0.1.17 <=0.2.0)

json-rules-engine-simplified NPM version =0.1.17, =1.0.0, =0.1.0, =0.1.17, =0.1.1, =0.2.3 Source cves: unknown CVE Source advisory: SNYK:JS-JSONRULESENGINESIMPLIFIED-12704864...

pasta

The repository is a collection of code snippets and notes for learning PHP, specifically for those studying the language. The code snippets cover a range of topics, including forms, good coding practices, interview tasks, and database-related concepts. The repository is organized into several...

CVE-2025-9632 PhpList Subber <= 1.1 - Cross-Site Request Forgery

The PhpList Subber plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the bulkactionhandler function. This makes it possible for unauthenticated attackers to trigger bulk synchronizati...

CVE-2025-43778

A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.11, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.20 allows an...