WordPress plugin 4ECPS Web Forms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

WordPress plugin Conversational Forms for ChatBot 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2025-4722 · Unknown · Chatbot Conversational Forms

Name of the Vulnerable Software and Affected Versions: Conversational Forms para ChatBot versions 1.4.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for Cross-site Scripting XSS. Specifically, it enables Stored XSS. Thi...

WordPress ChatBot Conversational Forms plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Conversational Forms for ChatBot versions = 1.4.2...

WordPress 4ECPS Web Forms Plugin <= 0.2.18 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin 4ECPS Web Forms versions = 0.2.18...

WordPress Quill Forms plugin <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by theviper17y in WordPress Plugin Quill Forms versions = 3.10.0...

CVE-2024-11826

The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quillforms-popup' shortcode in all versions up to, and including...

CVE-2024-11826

The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quillforms-popup' shortcode in all versions up to, and including...

CVE-2025-22347

Cross-Site Request Forgery CSRF vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through = 3.9...

CVE-2024-51651

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.10...

CVE-2024-11826 Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quillforms-popup' shortcode in all versions up to, and including...

CVE-2024-11826 Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quillforms-popup' shortcode in all versions up to, and including...

CVE-2024-11826

The CVE-2024-11826 entry refers to The Quill Forms WordPress plugin, where a Stored Cross-Site Scripting vulnerability exists in the quillforms-popup shortcode for all versions up to and including 3.10.0. Exploitation requires authenticated access at contributor level or higher, with the attacker...

CVE-2024-51651 WordPress CubeWP Forms plugin <= 1.1.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.10...

CVE-2024-51651 WordPress CubeWP Forms plugin <= 1.1.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Imran Tauqeer CubeWP Forms cubewp-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms: from n/a through = 1.1.10...

CVE-2024-51651

CVE-2024-51651 is a Missing Authorization issue in CubeWP Forms – All-in-One Form Builder. Affected versions: 1.1.5 and earlier. CVSS v3.1 base score 5.3 (NETWORK, LOW complexity, PRIV:S NONE, UI: NONE). Impact per sources is limited to an incorrect access-control configuration; exploitation deta...

CVE-2025-22347 WordPress BSK Forms Blacklist plugin <= 3.9 - CSRF to SQL Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through = 3.9...

CVE-2025-22347

CVE-2025-22347 describes a Cross-Site Request Forgery that enables Blind SQL Injection in the BSK Forms Blacklist plugin for BannerSky.com, affecting versions up to 3.9. The Red Hat advisory corroborates the CSRF/SQL-injection pattern for this plugin family, noting the vulnerability context as Au...

CVE-2025-22347 WordPress BSK Forms Blacklist plugin <= 3.9 - CSRF to SQL Injection vulnerability

Cross-Site Request Forgery CSRF vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a through = 3.9...

WordPress plugin Quill Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...