WordPress Pie Forms for WP plugin <= 1.6 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Vanh - GCSC in WordPress Plugin Drag & Drop Builder versions = 1.6...

WordPress Gravity Forms plugin <= 2.9.21.1 - Unauthenticated Arbitrary File Upload via Legacy Chunked Upload vulnerability

Unauthenticated Arbitrary File Upload via Legacy Chunked Upload vulnerability discovered by Talal Nasraddeen in WordPress Plugin Gravity Forms versions = 2.9.21.1...

Wapiti Web Application Vulnerability Scanner 3.2.10

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...

Wapiti Web Application Vulnerability Scanner 3.2.10 Source Code

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...

VulnCheck KEV: CVE-2025-12974

The Gravity Forms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the legacy chunked upload mechanism in all versions up to, and including, 2.9.21.1. This is due to the extension blacklist not including .phar files, which can be uploaded through...

Average Hardness of SIVP for Module Lattices of Fixed Rank

The problem of finding short vectors in Euclidean lattices is a central hard problem in complexity theory. The case of module lattices i.e., lattices which are also modules over a number ring is of particular interest for cryptography and computational number theory. The hardness of finding short...

CVE-2025-64264

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

CVE-2025-41069 Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite

Insecure Direct Object Reference IDOR vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in...

EUVD-2025-163781

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

CVE-2025-64264

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

CVE-2025-64264 WordPress Popup addon for Ninja Forms plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

CVE-2025-64264 WordPress Popup addon for Ninja Forms plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

CVE-2025-64264

Summary: CVE-2025-64264 affects the WordPress Popup addon for Ninja Forms plugin (versions ≤ 3.5.1). The issue is an "Improper Neutralization of Input During Web Page Generation" (Stored XSS) vulnerability caused by insufficient filtering/escaping of user-supplied data in the popup addon. The con...

WordPress plugin Popup addon for Ninja Forms 安全漏洞

WordPress Popup addon for Ninja Forms plugin is a WordPress form plugin that supports the creation of contact forms, signup forms and more. Its Popup/Modal plugin generates informational or promotional popups for email subscriptions, login signups, and other scenarios. A cross-site scripting...

PT-2025-46800

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1...

WordPress Gravity Forms plugin arbitrary file upload vulnerability

WordPress Gravity Forms plugin is a professional forms plugin for the WordPress platform, mainly used to create and manage various interactive forms, supporting data collection, payment processing, workflow automation and other features. WordPress Gravity Forms plugin has an arbitrary file upload...

WordPress HTML Forms plugin <= 1.5.5 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin HTML Forms versions = 1.5.5...

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from the Czech company JetBrains. The software features bug tracking, creating workflows and monitoring project progress. A security vulnerability exists in versions prior to JetBrains YouTrack 2025.3.104432, which...

Wapiti Web Application Vulnerability Scanner 3.2.9

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...

Wapiti Web Application Vulnerability Scanner 3.2.9 Source Code

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the source code release...