CVE-2025-30520

CVE-2025-30520 affects Breezing Forms (WordPress) up to version 1.2.8.11, with a Reflected XSS due to improper input neutralization during page generation. Affected range is Breezing Forms: from n/a through 1.2.8.11. According to the connected data, the entry is not yet patched (Patch Status: Unp...

WordPress plugin Breezing Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Salesmate Add-On for Gravity Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...

WordPress plugin HTML Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Piotnet Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-14177 · Unknown · Piotnet Forms

Name of the Vulnerable Software and Affected Versions: Piotnet Forms versions 1.0.0 through 1.0.30 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

WordPress plugin Piotnet Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-14030 · Unknown · Breezing Forms

Name of the Vulnerable Software and Affected Versions: Breezing Forms versions 1.2.8.11 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Reflected XSS. Recommendations: For versions 1.2.8.11...

PT-2025-14178 · Unknown · Piotnet Forms

Name of the Vulnerable Software and Affected Versions: Piotnet Forms versions 1.0.0 through 1.0.30 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

PT-2025-14423 · Unknown · Salesmate Add-On For Gravity Forms

Name of the Vulnerable Software and Affected Versions: Salesmate Add-On for Gravity Forms versions n/a through 2.0.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

WordPress Simple Contact Forms plugin <= 1.6.4 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Simple Contact Forms versions = 1.6.4...

WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Salesmate Add-On for Gravity Forms versions = 2.0.3...

CVE-2025-31615

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows Stored XSS.This issue affects Simple Contact Forms: from n/a through = 1.6.4...

CVE-2025-31533

Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

CVE-2025-31615 WordPress Simple Contact Forms plugin <= 1.6.4 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows Stored XSS.This issue affects Simple Contact Forms: from n/a through = 1.6.4...

CVE-2025-31615 WordPress Simple Contact Forms plugin <= 1.6.4 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in owenr88 Simple Contact Forms allows Stored XSS. This issue affects Simple Contact Forms: from n/a through 1.6.4...

CVE-2025-31533 WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3...

CVE-2025-31533

CVE-2025-31533 describes a Missing Authorization vulnerability in the Salesmate Add-On for Gravity Forms . Affected versions are up to 2.0.3, with a reported base score of 5.3 (Medium). The initial data indicates the issue allows accessing functionality not properly constrained by ACLs. The conne...

WordPress plugin Salesmate Add-On for Gravity Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

OpenEMR 安全漏洞

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. A security vulnerability exists in OpenEMR versions prior to 7.0.3, which stems...