CVE-2020-8594
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninjaformsrecaptchasitekey, ninjaformsrecaptchasecretkey, ninjaformsrecaptchalang, or ninjaformsdateformat...
Rumpus FTP Web File Manager Upload Center Forms Component Cross-Site Request Forgery Vulnerability
Rumpus FTP Web File Manager is a file transfer server. A cross-site request forgery vulnerability exists in the Upload Center Forms component of Web File Manager in Rumpus FTP version 8.2.9.1. The vulnerability stems from the web application not adequately verifying that requests are coming from ...
CVE-2019-19669
A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html...
Ninja Forms < 3.4.23 - CSRF to Stored Cross-Site Scripting (XSS)
Authenticated Stored XSS vulnerabilities in recaptchasitekey, recaptchasecretkey, recaptchalang and dateformat keys, which can be performed via CSRF attacks...
PYSEC-2020-89
Missing password strength checks on some forms in Plone 4.3 through 5.2.0 allow users to set weak passwords, leading to easier cracking...
Cross site scripting
The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user...
CVE-2020-7228
The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user...
CVE-2020-7228
CVE-2020-7228 affects WordPress Calculated Fields Form plugin (versions
CVE-2020-6849
The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketofat CSRF with resultant XSS...
Cross site request forgery (csrf)
The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketofat CSRF with resultant XSS...
CVE-2020-6849
CVE-2020-6849 concerns the WordPress plugin marketo-forms-and-tracking (
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
By Warren Mercer, Paul Rascagneres and Vitor Ventura with contributions from Eric Kuhla. Updated January 17th: the documents do not exploit the CVE-2017-0199 vulnerability. Executive Summary: Today, Cisco Talos is unveiling the details of a new RAT we have identified we're calling "JhoneRAT." This...
New JhoneRAT Malware Targets Middle East
Researchers are warning of a new remote access trojan (RAT), dubbed JhoneRAT, which is being distributed as part of an active campaign, ongoing since November 2019, that targets victims in the Middle East. Once downloaded, the RAT gathers information on the victims’ computers and is also able to...
Marketo Forms and Tracking <= 1.0.2 - CSRF to XSS
Lack of CSRF checks and sanitisation on the plugin's settings page could allow XSS attacks via CSRF. PoC...
Marketo Forms and Tracking <= 1.0.2 - CSRF to XSS
Lack of CSRF checks and sanitisation on the plugin's settings page could allow XSS attacks via CSRF. document.getElementById('csrf').submit();...
[SECURITY] Fedora 30 Update: drupal7-webform-4.21-1.fc30
Webform is the module for making forms and surveys in Drupal. After a submission, users may be sent an e-mail "receipt" as well as sending a notification to administrators. Results can be exported into Excel or other spreadsheet applications. Webform also provides some basic statistical review an...