WordPress NEX-Forms plugin <= 8.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin NEX-Forms versions = 8.7.3...

WordPress Zoho Forms Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS)

Software Zoho Forms Type Plugin Vulnerable versions = 4.0 Fixed in 4.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47633 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cd73af6a9904 Credits Trương Hữu Phúc truonghuuphuc Required...

WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.7.3 is vulnerable to Cross Site Scripting (XSS)

Software NEX-Forms – Ultimate Form Builder Type Plugin Vulnerable versions = 8.7.3 Fixed in 8.7.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47389 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ed1c15130e3 Credits Le Ngoc Anh...

WordPress Quill Forms Plugin <= 3.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Quill Forms Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47393 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 34a391a0728b Credits LVT-tholv2k Required privilege Contributor...

WordPress BSK Forms Blacklist Plugin <= 3.8.1 is vulnerable to Cross Site Scripting (XSS)

Software BSK Forms Blacklist Type Plugin Vulnerable versions = 3.8.1 Fixed in 3.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47624 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e1ac0fe32043 Credits Le Ngoc Anh Required privilege...

WordPress Keap Official Opt-in Forms Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Keap Official Opt-in Forms Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47642 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bd939afd94d0 Credits stealthcopter Required...

MAL-2024-8993 Malicious code in o-forms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25b374e8cd180dff7ae84c9c314413e3245035666189a4ba5c9e0a7fd6b1c201 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in o-forms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25b374e8cd180dff7ae84c9c314413e3245035666189a4ba5c9e0a7fd6b1c201 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Hospital Management System 安全漏洞

Hospital Management System HMS is a computer system that helps manage healthcare-related information and helps healthcare providers do their jobs efficiently. A security vulnerability exists in Hospital Management System version 6.3.5 that stems from the presence of a cross-site request forgery...

WordPress Ninja Forms Contact Form plugin <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via Referer vulnerability

Reflected Self-Based Cross-Site Scripting via Referer vulnerability discovered by wesley wcraft in WordPress Plugin Ninja Forms versions = 3.8.15...

CVE-2024-3866

The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-3866

The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-3866 Ninja Forms Contact Form <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via Referer

The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-3866 Ninja Forms Contact Form <= 3.8.15 - Reflected Self-Based Cross-Site Scripting via Referer

The Ninja Forms Contact Form plugin for WordPress is vulnerable to Reflected Self-Based Cross-Site Scripting via the 'Referer' header in all versions up to, and including, 3.8.15 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-3866

CVE-2024-3866 refers to the Ninja Forms Contact Form plugin for WordPress, vulnerable up to version 3.8.15. The issue is a Reflected Self-Based Cross-Site Scripting via the Referer header caused by insufficient input sanitization and output escaping. It can allow unauthenticated attackers to inje...

WordPress Ninja Forms Plugin <= 3.8.15 is vulnerable to Cross Site Scripting (XSS)

Software Ninja Forms Type Plugin Vulnerable versions = 3.8.15 Fixed in 3.8.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3866 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 8846b83daea8 Credits wesley wcraft Required...

WordPress plugin Ninja Forms Contact Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress CubeWP Forms plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hunter85 Patchstack Alliance in WordPress Plugin CubeWP Forms versions = 1.1.1...

CVE-2024-8791

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...

CVE-2024-8791

The Donation Forms by Charitable – Donations Plugin & Fundraising Platform for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.8.1.14. This is due to the plugin not properly verifying a user's identity when the ID parameter is supplied...