8176 matches found

OSV
added 2024/12/04 4:20 p.m. · 5 views

DRUPAL-CONTRIB-2024-071

This module allows a site builder to create multi-step entity forms leveraging the Field Group field type plugins. The module doesn't escape plain text administrative configurations. An attacker with admin access could inject arbitrary JavaScript code. This vulnerability is mitigated by the fact...

CVSS 4.8 · AI score 6.6 · EPSS 0.00228
Exploits 0 · References 1

OSV
added 2024/12/04 3:15 p.m. · 2 views

CVE-2024-40745

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

CVSS 5.4 · AI score 5.5 · EPSS 0.00214
Exploits 0 · References 1

NVD
added 2024/12/04 3:15 p.m. · 22 views

CVE-2024-40745

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

CVSS 5.4 · EPSS 0.00214
Exploits 0 · References 1

OSV
added 2024/12/04 3:15 p.m. · 2 views

CVE-2024-40744

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

CVSS 9.8 · AI score 5.8 · EPSS 0.00487
Exploits 0 · References 1

NVD
added 2024/12/04 3:15 p.m. · 19 views

CVE-2024-40744

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

CVSS 9.8 · EPSS 0.00487
Exploits 0 · References 1

Cvelist
added 2024/12/04 3:2 p.m. · 25 views

CVE-2024-40745 Extension - tassos.gr - Reflected Cross site scripting vulnerability in Convert Forms component for Joomla < 4.4.8

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

EPSS 0.00214
Exploits 0 · References 1

CVE
added 2024/12/04 3:2 p.m. · 76 views

CVE-2024-40745

The CVE-2024-40745 entry concerns a Reflected Cross‑Site Scripting (XSS) vulnerability in the Joomla Convert Forms component, affecting versions prior to 4.4.8. Multiple connected sources (Red Hat, CVE lists, CNVD, CVE records) consistently identify the affected product as the Convert Forms compo...

CVSS 5.4 · AI score 5.4 · EPSS 0.00214
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2024/12/04 3:2 p.m. · 14 views

CVE-2024-40745 Extension - tassos.gr - Reflected Cross site scripting vulnerability in Convert Forms component for Joomla < 4.4.8

Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.8...

AI score 6.7 · EPSS 0.00214
Exploits 0 · References 1

Vulnrichment
added 2024/12/04 3:1 p.m. · 8 views

CVE-2024-40744 Extension - tassos.gr - Unrestricted file upload in Convert Forms component for Joomla < 4.4.8

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

AI score 7.2 · EPSS 0.00487
Exploits 0 · References 1

Cvelist
added 2024/12/04 3:1 p.m. · 25 views

CVE-2024-40744 Extension - tassos.gr - Unrestricted file upload in Convert Forms component for Joomla < 4.4.8

Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.8...

EPSS 0.00487
Exploits 0 · References 1

CVE
added 2024/12/04 3:1 p.m. · 80 views

CVE-2024-40744

CVE-2024-40744 affects the Joomla extension Convert Forms; versions prior to 4.4.8 are vulnerable. The issue is an unrestricted file upload via a security bypass in the Convert Forms component, enabling potential malicious uploads. The vulnerability is high impact (per CVSS 3.1: AV:N/AC:L/PR:N/UI...

CVSS 9.8 · AI score 9.6 · EPSS 0.00487
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2024/12/04 7:32 a.m. · 19 views

CVE-2024-11293 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login <= 1.7.9 - Authentication Bypass via WordPress.com OAuth provider

The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Social Sites Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.9. This is due to insufficient...

CVSS 8.1 · EPSS 0.00507
Exploits 0 · References 2

Positive Technologies
added 2024/12/04 12:0 a.m. · 3 views

PT-2024-29023 · Joomla · Convert Forms

Name of the Vulnerable Software and Affected Versions: Convert Forms component for Joomla versions prior to 4.4.8 Description: The issue is related to an unrestricted file upload via a security bypass in the Convert Forms component for Joomla. This allows for potential malicious file uploads...

CVSS 9.8 · AI score 7.3 · EPSS 0.00487
Exploits 0 · References 6

Drupal
added 2024/12/04 12:0 a.m. · 10 views

Entity Form Steps - Moderately critical - Cross site scripting - SA-CONTRIB-2024-071

This module allows a site builder to create multi-step entity forms leveraging the Field Group field type plugins. The module doesn't escape plain text administrative configurations. An attacker with admin access could inject arbitrary JavaScript code. This vulnerability is mitigated by the fact...

CVSS 4.8 · AI score 6.8 · EPSS 0.00228
Exploits 0 · References 5

CNNVD
added 2024/12/04 12:0 a.m. · 4 views

WordPress plugin Registration Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 8.1 · AI score 8.5 · EPSS 0.00507
Exploits 0 · References 3

Positive Technologies
added 2024/12/04 12:0 a.m. · 7 views

PT-2024-29024 · Joomla · Joomla Convert Forms

Name of the Vulnerable Software and Affected Versions: Joomla Convert Forms component versions prior to 4.4.8 Description: The issue is related to a Reflected Cross site scripting vulnerability in the Convert Forms component for Joomla. This vulnerability allows for the execution of malicious...

CVSS 5.4 · AI score 6.7 · EPSS 0.00214
Exploits 0 · References 4

NVD
added 2024/12/03 11:15 a.m. · 16 views

CVE-2024-11326

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated attackers to inject arbitrary...

CVSS 6.1 · EPSS 0.00338
Exploits 0 · References 3

CVE
added 2024/12/03 11:4 a.m. · 47 views

CVE-2024-11326

CVE-2024-11326 relates to the WordPress plugin Campaign Monitor Forms by Optin Cat. It describes a Reflected Cross-Site Scripting vulnerability in all versions up to 2.5.7 caused by using add_query_arg without proper escaping on the URL. This enables unauthenticated attackers to inject JavaScript...

CVSS 6.1 · AI score 6.1 · EPSS 0.00338
Exploits 0 · References 3

Vulnrichment
added 2024/12/03 11:4 a.m. · 15 views

CVE-2024-11326 Campaign Monitor Forms by Optin Cat <= 2.5.7 - Reflected Cross-Site Scripting

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated attackers to inject arbitrary...

CVSS 6.1 · AI score 6.5 · EPSS 0.00338
Exploits 0 · References 3

Cvelist
added 2024/12/03 11:4 a.m. · 20 views

CVE-2024-11326 Campaign Monitor Forms by Optin Cat <= 2.5.7 - Reflected Cross-Site Scripting

The Campaign Monitor Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.5.7. This makes it possible for unauthenticated attackers to inject arbitrary...

CVSS 6.1 · EPSS 0.00338
Exploits 0 · References 3