WordPress plugin CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

PT-2025-13067 · WordPress · Wp Subscription Forms

Name of the Vulnerable Software and Affected Versions: WP Subscription Forms versions 1.2.3 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

CVE-2025-30571

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb Forms: from n/a through = 1.0.4...

Improper Isolation or Compartmentalization

Overview CefSharp.WinForms is a the CefSharp Chromium-based browser component WinForms control. Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization that allows an attacker who can convince a user to follow a malicious link to escape sandbox protections,...

CVE-2025-30571

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb Forms: from n/a through = 1.0.4...

CVE-2025-30571 WordPress STEdb Forms plugin <= 1.0.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb Forms: from n/a through = 1.0.4...

CVE-2025-30571

CVE-2025-30571 is an authenticated SQL Injection in STEdb Forms (STEdb Forms

CVE-2025-30571 WordPress STEdb Forms plugin <= 1.0.4 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb Forms: from n/a through = 1.0.4...

WordPress STEdb Forms plugin <= 1.0.4 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by kuteminh11 - VNPT Cyber Immunity in WordPress Plugin STEdb Forms versions = 1.0.4...

CVE-2024-13666

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...

WordPress plugin STEdb Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

CVE-2024-13666

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...

CVE-2024-13666 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-Spoofing

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...

CVE-2024-13666 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-Spoofing

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to IP Address Spoofing in all versions up to, and including, 5.2.12 due to insufficient IP address validation and use of user-supplied HTTP headers as a primary method for...

WordPress plugin Fluent Forms 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation...

WordPress Fluent Forms plugin <= 5.2.12 - IP-Spoofing vulnerability

IP-Spoofing vulnerability discovered by shaman0x01 in WordPress Plugin FluentForm versions = 5.2.12...

MAL-2025-2489 Malicious code in @accesshsc/access-forms-engine (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5532f679e8c8daf9b32846e16d1f695ecbf0f601f32c63f11891266a56e71d78 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-13498

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...

CVE-2024-13498

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...

CVE-2024-13498 NEX-Forms – Ultimate Form Builder – Contact forms and much more <= 8.8.1 - Unauthenticated Sensitive Information Exposure

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.8.1 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This make...