Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8180 matches found

Vulnrichment
Vulnrichmentadded 2024/07/27 12:30 p.m.17 views

CVE-2024-6703 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Welcome Screen Fields

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ and 'btntxt' parameters in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output...

4.9CVSS5.9AI score0.00304EPSS
Exploits0References3
CVE
CVEadded 2024/07/27 12:30 p.m.68 views

CVE-2024-6703

CVE-2024-6703 affects the WordPress plugin “Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder.” The vulnerability is a Stored Cross-Site Scripting (XSS) due to insufficient input sanitization and output escaping in the description and btn_txt parameters, exploi...

5.4CVSS4.8AI score0.00304EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2024/07/27 12:15 p.m.1 views

CVE-2024-6520

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for...

4.8CVSS5.9AI score0.003EPSS
Exploits0References3
OSV
OSVadded 2024/07/27 12:15 p.m.3 views

CVE-2024-6521

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for...

4.8CVSS5.9AI score0.00303EPSS
Exploits0References3
NVD
NVDadded 2024/07/27 12:15 p.m.40 views

CVE-2024-6520

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom error message in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes ...

4.8CVSS0.003EPSS
Exploits0References3
OSV
OSVadded 2024/07/27 12:15 p.m.2 views

CVE-2024-6518

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it possible for...

4.8CVSS5.9AI score
Exploits0References3
CVE
CVEadded 2024/07/27 11:37 a.m.51 views

CVE-2024-6520

CVE-2024-6520 concerns the WordPress Fluent Forms Contact Form Plugin (Quiz, Survey, Drag & Drop) with a Stored Cross-Site Scripting flaw in versions up to 5.1.19, caused by insufficient input sanitization and output escaping. Exploitation requires Administrator-level privileges (and above) and c...

4.8CVSS6AI score0.003EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/27 11:13 a.m.13 views

CVE-2024-6521 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dropdown fields in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it...

4.4CVSS6AI score0.00303EPSS
Exploits0References3
CVE
CVEadded 2024/07/27 11:13 a.m.51 views

CVE-2024-6521

CVE-2024-6521 affects the WordPress plugin Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder. All versions up to 5.1.19 are vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. Exploitation requires Administrator...

4.8CVSS6AI score0.00303EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesadded 2024/07/27 12:0 a.m.2 views

PT-2024-37685 · Fluent Forms · Contact-Form-Plugin

Name of the Vulnerable Software and Affected Versions: The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress versions up to, and including, 5.1.19 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input...

5.5CVSS5.9AI score0.003EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2024/07/27 12:0 a.m.3 views

PT-2024-37684 · Fluent Forms · Contact Form Plugin By Fluent Forms

Name of the Vulnerable Software and Affected Versions: The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress versions up to, and including, 5.1.19 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input...

5.5CVSS5.9AI score0.00303EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2024/07/27 12:0 a.m.3 views

PT-2024-37810 · Fluent Forms · Contact Form Plugin By Fluent Forms

Name of the Vulnerable Software and Affected Versions: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress versions up to, and including, 5.1.19 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input...

5.4CVSS6AI score0.00304EPSS
Exploits0References7
Patchstack
Patchstackadded 2024/07/24 8:33 a.m.3 views

WordPress Ninja Forms plugin <= 3.8.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Ninja Forms versions = 3.8.6...

8.8CVSS7AI score0.0019EPSS
Exploits0Affected Software1
Patchstack
Patchstackadded 2024/07/24 12:0 a.m.15 views

WordPress Ninja Forms Plugin <= 3.8.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ninja Forms Type Plugin Vulnerable versions = 3.8.6 Fixed in 3.8.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-39628 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d4c57bafbe6c Credits Rafie Muhammad Patchsta...

8.8CVSS6.7AI score0.0019EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2024/07/23 12:0 a.m.4 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4CVSS5.8AI score0.00279EPSS
Exploits0References2
OSV
OSVadded 2024/07/22 11:15 a.m.1 views

CVE-2024-38773

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...

9.8CVSS5.8AI score0.01987EPSS
Exploits0References1
NVD
NVDadded 2024/07/22 11:15 a.m.23 views

CVE-2024-38773

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...

9.8CVSS0.01987EPSS
Exploits0References1
CVE
CVEadded 2024/07/22 10:7 a.m.53 views

CVE-2024-38773

CVE-2024-38773: WordPress FormLift for Infusionsoft Web Forms (

9.8CVSS9.7AI score0.01987EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/07/22 10:7 a.m.24 views

CVE-2024-38773 WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17...

9.3CVSS0.01987EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/07/22 6:38 a.m.3 views

WordPress HTML Forms plugin < 1.3.33 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Majdeddine Ben Hadj Brahim in WordPress Plugin HTML Forms versions 1.3.33...

5.9CVSS6AI score0.00333EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder