CVE-2025-53263

Cross-Site Request Forgery CSRF vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through = 1.3.4...

CVE-2025-52709

Deserialization of Untrusted Data vulnerability in wpeverest Everest Forms allows Object Injection. This issue affects Everest Forms: from n/a through 3.2.2...

CVE-2025-47654

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Reflected XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through = 7.5.20...

CVE-2025-5398

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of a templating engine in all versions up to, and including, 3.10.2.1 due to insufficient output escaping on user data passed through the template. This mak...

WordPress Popup addon for Ninja Forms plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Popup addon for Ninja Forms versions = 3.4...

CVE-2025-53279

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.4...

CVE-2025-53263

Cross-Site Request Forgery CSRF vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through = 1.3.4...

CVE-2025-53279

CVE-2025-53279 is a DOM-based XSS vulnerability in the Popup addon for Ninja Forms, caused by improper input neutralization during web page generation. Affected: Popup addon for Ninja Forms (versions up to 3.4). Impact and exploitability are described in public sources as XSS; CVSS details are pr...

CVE-2025-53279 WordPress Popup addon for Ninja Forms plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms allows DOM-Based XSS. This issue affects Popup addon for Ninja Forms: from n/a through 3.4...

CVE-2025-53279 WordPress Popup addon for Ninja Forms plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows DOM-Based XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.4...

CVE-2025-53263 WordPress Address Autocomplete via Google for Gravity Forms plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms gf-google-address-autocomplete allows Cross Site Request Forgery.This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through = 1.3.4...

CVE-2025-53263 WordPress Address Autocomplete via Google for Gravity Forms plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms allows Cross Site Request Forgery. This issue affects Address Autocomplete via Google for Gravity Forms: from n/a through 1.3.4...

CVE-2025-53263

CVE-2025-53263 describes a CSRF vulnerability in the WordPress plugin Address Autocomplete via Google for Gravity Forms (PluginsCafe), affecting versions up to 1.3.4. The issue enables cross-site request forgery with the attack surface exposed over the network and requires user interaction (UI=Re...

CVE-2025-52709

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2025-47654

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Reflected XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through = 7.5.20...

CVE-2025-47654 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.20 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Reflected XSS. This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.20...

CVE-2025-47654 WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.20 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Reflected XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through = 7.5.20...

CVE-2025-52709

...

CVE-2025-52709

...

CVE-2025-52709

CVE-2025-52709 pertains to the Everest Forms WordPress plugin. The vulnerability is a PHP Object Injection arising from deserialization of untrusted data in Everest Forms versions up to 3.2.2, potentially enabling remote code execution. Everest Forms 3.2.3 and later fix this issue. The Patchstack...