CVE-2023-47545
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin <= 2.5.4 versions...
CVE-2023-47545
CVE-2023-47545 affects Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress, versions = 2.5.5 recommended.
Access Control Bypass
Overview: Affected versions of this package are vulnerable to Access Control Bypass when the Blazor server forms in ASP.NET Core applications are used. An attacker can bypass validation and trigger unintended actions by exploiting this vulnerability. This is only exploitable if the application is ...
CVE-2023-47669
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions...
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions...
CVE-2023-47230
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions...
Cross-Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions...
CVE-2023-47669
CVE-2023-47669 is a CSRF vulnerability in the WordPress plugin “User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor” by Cozmoslabs, affecting versions prior to 3.10.3. The issue allows cross-site request forgery without authentication (per Patchstack/CVE rec...
CVE-2023-47669 WordPress Profile Builder Plugin <= 3.10.3 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.10.3 versions...
CVE-2023-47230 WordPress Contact Forms by Cimatti Plugin <= 1.6.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions...
CVE-2023-47230
CVE-2023-47230 concerns the WordPress plugin “WordPress Contact Forms by Cimatti” (Cimatti Consulting), versions ≤ 1.6.0. The connected documents confirm a Cross-Site Request Forgery (CSRF) vulnerability due to missing CSRF protections in the plugin, enabling potential unauthorized actions to...
WordPress Plugin WordPress Contact Forms by Cimatti Security Breach
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin WordPress Contact Forms by...
GHSA-72HG-5WR5-RMFC Statamic CMS remote code execution via front-end form uploads
Impact: On front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded regardless of mime validation rules. This only affects forms using the "Forms" feature and not just any arbitrary form. This does not affect the control panel. Patches: It has been patched i...
Statamic CMS remote code execution via front-end form uploads
Impact: On front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded regardless of mime validation rules. This only affects forms using the "Forms" feature and not just any arbitrary form. This does not affect the control panel. Patches: It has been patched i...
Nextcloud: RCE on Wordpress website
A remote code execution vulnerability was exploited on a WordPress website due to unsafe deserialization of user input. This allowed arbitrary code execution as the web server user...
CVE-2023-47129
Statamic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just any arbitrary form. This...
CVE-2023-47129 Statamic CMS remote code execution via front-end form uploads
Statamic is a core Laravel content management system Composer package. Prior to versions 3.4.13 and 4.33.0, on front-end forms with an asset upload field, PHP files crafted to look like images may be uploaded. This only affects forms using the "Forms" feature and not just any arbitrary form. This...