8134 matches found
CVE-2025-60197
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows PHP Local File Inclusion.This issue affects Simple Contact Forms: from n/a through = 1.6.4...
CVE-2025-58636
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.3...
CVE-2025-49905
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through = 1.1.6...
CVE-2025-48330
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...
CVE-2025-60197 WordPress Simple Contact Forms plugin <= 1.6.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows PHP Local File Inclusion.This issue affects Simple Contact Forms: from n/a through = 1.6.4...
CVE-2025-60197
CVE-2025-60197 refers to a Local File Inclusion in the WordPress plugin Simple Contact Forms (owner: owenr88) version <= 1.6.4, caused by improper control of the filename in include/require statements. Affected product/component: WordPress plugin Simple Contact Forms; vulnerability type: PHP L...
CVE-2025-60197 WordPress Simple Contact Forms plugin <= 1.6.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows PHP Local File Inclusion.This issue affects Simple Contact Forms: from n/a through = 1.6.4...
CVE-2025-58636 WordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.3 - Deserialization of untrusted data Vulnerability
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.3...
CVE-2025-58636
The CVE describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin WP Gravity Forms Keap/Infusionsoft (gf-infusionsoft) affecting versions from n/a up to and including 1.2.3. The root cause is object injection via unsafe deserialization. According to the public records, t...
CVE-2025-58636 WordPress WP Gravity Forms Keap/Infusionsoft Plugin <= 1.2.3 - Deserialization of untrusted data Vulnerability
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.3...
EUVD-2025-38140
Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Keap/Infusionsoft gf-infusionsoft allows Object Injection.This issue affects WP Gravity Forms Keap/Infusionsoft: from n/a through = 1.2.3...
EUVD-2025-38007
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through = 1.1.6...
CVE-2025-49905 WordPress Range Slider Addon for Gravity Forms plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through = 1.1.6...
CVE-2025-49905 WordPress Range Slider Addon for Gravity Forms plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsCafe Range Slider Addon for Gravity Forms range-slider-addon-for-gravity-forms allows Reflected XSS.This issue affects Range Slider Addon for Gravity Forms: from n/a through = 1.1.6...
CVE-2025-49905
CVE-2025-49905 concerns the WordPress plugin Range Slider Addon for Gravity Forms (Plugin: range-slider-addon-for-gravity-forms) with an improper input neutralization that enables a Reflected XSS. Affected versions are Range Slider Addon for Gravity Forms
EUVD-2025-38016
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...
CVE-2025-48330 WordPress Real Time Validation for Gravity Forms <= 1.7.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...
CVE-2025-48330
CVE-2025-48330 concerns the WordPress plugin Real Time Validation for Gravity Forms, affecting versions
CVE-2025-48330 WordPress Real Time Validation for Gravity Forms <= 1.7.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Daman Jeet Real Time Validation for Gravity Forms real-time-validation-for-gravity-forms allows PHP Local File Inclusion.This issue affects Real Time Validation for Gravity Forms...
CVE-2025-8871
The Everest Forms Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.9.7 via deserialization of untrusted input in the mimecontenttype function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may ...