8171 matches found
WordPress plugin Drag and Drop File Upload for Elementor Forms 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress PDF for Elementor Forms + Drag And Drop Template Builder Plugin <= 6.2.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin PDF for Elementor Forms + Drag And Drop Template Builder versions = 6.2.0...
CVE-2025-58208
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Stored XSS.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a...
CVE-2025-58208
The CVE-2025-58208 entry concerns a Stored Cross-Site Scripting (XSS) in the WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder (versions up to 6.2.0). The root cause is improper input neutralization during web page generation, enabling stored XSS to affect pages generated ...
CVE-2025-58208 WordPress PDF for Elementor Forms + Drag And Drop Template Builder Plugin <= 6.2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Stored XSS.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a...
CVE-2025-58208 WordPress PDF for Elementor Forms + Drag And Drop Template Builder Plugin <= 6.2.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder pdf-for-elementor-forms allows Stored XSS.This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a...
WordPress plugin PDF for Elementor Forms + Drag And Drop Template Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
PT-2025-34920 · WordPress · Pdf For Elementor Forms + Drag/Drop Template Builder
Name of the Vulnerable Software and Affected Versions: PDF for Elementor Forms + Drag And Drop Template Builder versions through 6.2.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, specifically a Stored Cross-site Scripting XSS flaw. This...
Linux Distros Unpatched Vulnerability : CVE-2024-43370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting XSS injection if .po dictionary definition files are corrupted. This...
Linux Distros Unpatched Vulnerability : CVE-2017-16790
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler...
WordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Drag and Drop File Upload for Elementor Forms versions = 1.5.3...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
WordPress PDF for Gravity Forms + Drag And Drop Template Builder plugin <= 6.5.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin PDF for Gravity Forms + Drag And Drop Template Builder versions = 6.5.0...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the lack of temporary file deletions in the forms upload field. An attacker can exhaust system resources by uploading an unlimited number of files, potentially leading to...
GHSA-84PP-QR92-95C9 Liferay Portal users can upload an unlimited amount of files
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
Liferay Portal users can upload an unlimited amount of files
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43762
CVE-2025-43762 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.1 (also 2024 Qx releases), where forms upload allows an unlimited number of files to be stored in document_library, enabling a potential DDoS. Concrete details available: vulnerable components include form upl...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-46962
Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they brow...