8173 matches found
CVE-2024-13666
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...
CVE-2024-13666 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-Spoofing
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...
CVE-2024-13666 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-Spoofing
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...
WordPress plugin Fluent Forms 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...
WordPress Fluent Forms plugin <= 5.2.12 - IP-Spoofing vulnerability
IP-Spoofing vulnerability discovered by shaman0x01 in WordPress Plugin FluentForm versions = 5.2.12...
MAL-2025-2489 Malicious code in @accesshsc/access-forms-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5532f679e8c8daf9b32846e16d1f695ecbf0f601f32c63f11891266a56e71d78 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-13498
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...
CVE-2024-13498
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...
CVE-2024-13498 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...
CVE-2024-13498
CVE-2024-13498 involves the WordPress plugin NEX-Forms – Ultimate Form Builder, where unauthenticated attackers can exfiltrate sensitive data via file uploads in all versions up to 8.8.1 due to insufficient directory listing protection and non-randomized file names. The issue is confirmed in conn...
CVE-2024-13498 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure
The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...
WordPress plugin NEX-Forms – Ultimate Form Builder – Contact forms and much more 信息泄露漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin NEX-Forms - Ultimate Form Builder - Contact forms and much...
WordPress NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin <= 8.8.1 - Unauthenticated Sensitive Information Exposure vulnerability
Unauthenticated Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin NEX-Forms versions = 8.8.1...
CVE-2025-22212
A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows authenticated attackers administrator to execute arbitrary SQL commands in the submission management area in backend...
CVE-2025-23904
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...
Linux Distros Unpatched Vulnerability : CVE-2020-12803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an...
CVE-2025-23904
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...
CVE-2025-23763
Missing Authorization vulnerability in Alex Volkov WAH Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WAH Forms: from n/a through 1.0...
CVE-2025-23904 WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...
CVE-2025-23904 WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...