WordPress plugin Mollie Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

WordPress plugin WP Gravity Forms Zendesk 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...

WordPress plugin WP Gravity Forms Dynamics CRM 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...

PT-2025-20090 · Unknown · Wp Gravity Forms Zendesk

Name of the Vulnerable Software and Affected Versions: WP Gravity Forms Zendesk versions 1.1.2 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which can be used for Phishing attacks. Recommendations: For WP...

PT-2025-20126 · Unknown · Mollie Forms

Name of the Vulnerable Software and Affected Versions: Mollie Forms versions through 2.7.12 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicio...

PT-2025-20088 · Unknown · Wp Gravity Forms Dynamics Crm

Name of the Vulnerable Software and Affected Versions: WP Gravity Forms Dynamics CRM versions 1.1.4 and earlier Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, which allows phishing. This can potentially be exploited to...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the EntriesForm class in the Forms module. An attacker can submit files with malicious filenames and execute arbitrary JavaScript in the browser context of authenticated admins. Note: This is a persistent XS...

Mezzanine CMS Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

GHSA-2544-HPCQ-6G27 Mezzanine CMS Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

PYSEC-2025-136

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

PYSEC-2025-136

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

CVE-2025-29573

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

CVE-2025-29573

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

CVE-2025-29573

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

CVE-2025-29573

Cross-Site Scripting XSS vulnerability exists in Mezzanine CMS 6.0.0 in the "View Entries" feature within the Forms module...

CVE-2025-29573

Mezzanine CMS 6.0.0 exposes a Cross-Site Scripting (XSS) flaw in the Forms module’s View Entries feature. The vulnerability is tied to the EntriesForm path and can be triggered by submitting malicious filenames, enabling arbitrary JavaScript execution in an admin’s browser when affected entries a...

PT-2025-19774 · Unknown · Mezzanine Cms

Name of the Vulnerable Software and Affected Versions: Mezzanine CMS version 6.0.0 Description: A Cross-Site Scripting XSS issue exists in the "View Entries" feature within the Forms module. This allows for potential malicious script execution. Recommendations: For Mezzanine CMS version 6.0.0,...

CVE-2024-13845

The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'processfeed' method of the GFWebhooks class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web...

CVE-2024-13845

The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'processfeed' method of the GFWebhooks class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web...

CVE-2024-13845

The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.6.0 via the 'processfeed' method of the GFWebhooks class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web...