CVE-2025-3935

CVE-2025-3935 affects ScreenConnect 25.2.3 and earlier, where ViewState code injection can enable remote code execution if machine keys are compromised. The vulnerability stems from platform-level ViewState handling in ASP.NET Web Forms rather than a ScreenConnect flaw. ScreenConnect 2025.4 patch...

CVE-2025-32620

Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through = 2.4.6...

WordPress Zoho Creator Forms plugin <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by johska in WordPress Plugin Zoho Creator Forms versions = 1.0.5...

CVE-2025-46453

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreatorTeam Zoho Creator Forms allows Stored XSS. This issue affects Zoho Creator Forms: from n/a through 1.0.5...

CVE-2025-46453 WordPress Zoho Creator Forms <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreatorTeam Zoho Creator Forms allows Stored XSS. This issue affects Zoho Creator Forms: from n/a through 1.0.5...

CVE-2025-46453

CVE-2025-46453 corresponds to a stored XSS in the WordPress Zoho Creator Forms plugin (versions

CVE-2025-46453 WordPress Zoho Creator Forms <= 1.0.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CreatorTeam Zoho Creator Forms allows Stored XSS. This issue affects Zoho Creator Forms: from n/a through 1.0.5...

WordPress plugin Zoho Creator Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17776 · Zoho · Zoho Creator Forms

Name of the Vulnerable Software and Affected Versions: Zoho Creator Forms versions 1.0.0 through 1.0.5 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS in Zoho Creator Forms...

CVE-2025-46236

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.2...

CVE-2025-46236

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a through = 1.5.2...

CVE-2025-46236 WordPress HTML Forms plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a through = 1.5.2...

CVE-2025-46236 WordPress HTML Forms <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Link Software LLC HTML Forms allows Stored XSS. This issue affects HTML Forms: from n/a through 1.5.2...

CVE-2025-46236

CVE-2025-46236: WordPress HTML Forms plugin (Link Software LLC) contains a stored XSS due to improper input neutralization during web page generation. Affected versions are 1.5.2 and earlier. Public references (NVD/patch sources) confirm the issue and CVSS vectors/score; however, the connected do...

WordPress plugin HTML Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-17501 · Link Software Llc · Html Forms

Name of the Vulnerable Software and Affected Versions: Link Software LLC HTML Forms versions 1.5.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker...

CVE-2025-39428

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders gravity-forms-css-themes-with-fontawesome-and-placeholder-support allows Stored XSS.This issue affects Gravity Forms CSS...

CVE-2025-32620

Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through = 2.4.6...

CVE-2025-32620 WordPress Doppler Forms plugin <= 2.4.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in fromdoppler Doppler Forms doppler-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Doppler Forms: from n/a through = 2.4.6...

CVE-2025-32620 WordPress Doppler Forms plugin <= 2.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in fromdoppler Doppler Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Doppler Forms: from n/a through 2.4.5...