CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/12/18 7:53 p.m.•8 views

CVE-2019-25229

CVE-2019-25229 concerns Kentico Xperience MVC Forms Unrestricted File Upload. Multiple connected sources describe an issue where authenticated users with only the 'Read data' permission can upload arbitrary file types through the MVC form file uploader components, by manipulating file names, enab...

8.8CVSS6.6AI score0.00042EPSS

Exploits0References2Affected Software1

EUVD•added 2025/12/18 9:30 a.m.•3 views

EUVD-2025-204098

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through = 1.1.2...

EUVD•added 2025/12/18 9:30 a.m.•3 views

EUVD-2025-204097

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...

EUVD•added 2025/12/18 9:30 a.m.•2 views

EUVD-2025-204096

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through = 1.5.1...

EUVD•added 2025/12/18 9:30 a.m.•2 views

EUVD-2025-204100

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...

EUVD•added 2025/12/18 9:30 a.m.•1 views

EUVD-2025-204106

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Object Injection.This issue affects PDF for WPForms: from n/a through = 6.3.1...

8.8CVSS6.5AI score0.00118EPSS

EUVD•added 2025/12/18 9:30 a.m.•3 views

EUVD-2025-204101

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through = 1.3.5...

EUVD•added 2025/12/18 9:30 a.m.•2 views

EUVD-2025-204108

Deserialization of Untrusted Data vulnerability in add-ons.org PDF for Gravity Forms + Drag And Drop Template Builder pdf-for-gravity-forms allows Object Injection.This issue affects PDF for Gravity Forms + Drag And Drop Template Builder: from n/a through = 6.3.0...

7.5CVSS6.5AI score0.00066EPSS

OSV•added 2025/12/18 8:16 a.m.•3 views

CVE-2025-60089

CVE-2025-60091

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through = 1.2.9...

OSV•added 2025/12/18 8:16 a.m.•2 views

CVE-2025-60091

OSV•added 2025/12/18 8:16 a.m.•2 views

CVE-2025-60178

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...

CVE-2025-60180

NVD•added 2025/12/18 8:16 a.m.•1 views

CVE-2025-60090

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...

OSV•added 2025/12/18 8:16 a.m.•2 views

CVE-2025-60180

CVE-2025-60174

OSV•added 2025/12/18 8:16 a.m.•1 views

CVE-2025-60090

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through = 1.1.6...

NVD•added 2025/12/18 8:16 a.m.•3 views

CVE-2025-60178

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through = 1.2.6...

CVE-2025-60080

7.5CVSS0.00066EPSS