WordPress Piotnet Forms plugin <= 1.0.30 - Path Traversal vulnerability

Path Traversal vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Piotnet Forms versions = 1.0.30...

CVE-2025-32269

Cross-Site Request Forgery CSRF vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-zendesk allows Cross Site Request Forgery.This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through...

CVE-2025-32165

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through = 2.5.1...

CVE-2025-32269

Cross-Site Request Forgery CSRF vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-zendesk allows Cross Site Request Forgery.This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through...

CVE-2025-32165

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through = 2.5.1...

CVE-2025-32269 WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms cf7-zendesk allows Cross Site Request Forgery.This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through...

CVE-2025-32165 WordPress Doppler Forms plugin <= 2.4.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fromdoppler Doppler Forms allows Stored XSS. This issue affects Doppler Forms: from n/a through 2.4.5...

CVE-2025-32165

DVE-2025-32165: Doppler Forms for WordPress (vulnerable up to 2.4.5) contains an Improper Neutralization of Input During Web Page Generation (Stored XSS). The vulnerability affects the Doppler Forms component and can allow stored cross-site scripting due to insufficient input sanitization during ...

CVE-2025-32165 WordPress Doppler Forms plugin <= 2.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through = 2.5.1...

WordPress Live Forms plugin <= 4.8.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin Live Forms versions = 4.8.5...

WordPress plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress plugin Doppler Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site scripting...

CVE-2025-31080

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Link Software LLC HTML Forms html-forms allows Stored XSS.This issue affects HTML Forms: from n/a through = 1.5.1...

CVE-2025-31551

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

CVE-2025-31792

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through = 1.0.30...

CVE-2025-31793

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in piotnetdotcom Piotnet Forms piotnetforms allows Stored XSS.This issue affects Piotnet Forms: from n/a through = 1.0.30...

CVE-2025-30520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crosstec Breezing Forms breezing-forms allows Reflected XSS.This issue affects Breezing Forms: from n/a through = 1.2.8.11...

CVE-2025-31533

Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

CVE-2025-31615

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows Stored XSS.This issue affects Simple Contact Forms: from n/a through = 1.6.4...

CVE-2025-31551

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...