Malicious code in tailwindcss-forms-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5581b4e4ac6d5e02fe8dd2de23b1267ad2ac1b40a0c5be4cd284af8c6979588 The package tailwindcss-forms-animation was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview tailwindcss-forms-animation is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in tailwindcss-forms-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66a402948dc389c4a201ac4271a843d78a5131d377a3904fe178b51c6aef5adb The package tailwindcss-forms-component was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview tailwindcss-forms-component is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in tailwindcss-forms-componentes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0825512b6509f2725c98e651bd2d86e9fd2fa6e488f9ee33a7cdcfbf30b1a73e The package tailwindcss-forms-componentes was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1211 Malicious code in tailwindcss-forms-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66a402948dc389c4a201ac4271a843d78a5131d377a3904fe178b51c6aef5adb The package tailwindcss-forms-component was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview tailwindcss-forms-componentes is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2026-1212 Malicious code in tailwindcss-forms-componentes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0825512b6509f2725c98e651bd2d86e9fd2fa6e488f9ee33a7cdcfbf30b1a73e The package tailwindcss-forms-componentes was found to contain malicious code. Source: ghsa-malware...

CVE-2026-2428

The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...

CVE-2026-2471

The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the BaseModel class constructor calling maybeunserialize on all properties retrieved...

WordPress Fluent Forms Pro Add On Pack plugin <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification vulnerability

Missing Authorization to Unauthenticated Payment Status modification vulnerability discovered by Prickly Cactus in WordPress Plugin Fluent Forms Pro Add On Pack versions = 6.1.17...

EUVD-2026-8986

The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...

CVE-2026-2428 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification

The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in all versions up to, and including, 6.1.17. This is due to the PayPal IPN Instant Payment Notification verification being disabled by default disableipnverification defaults to...

CVE-2026-2428

The CVE concerns the Fluent Forms Pro Add On Pack for WordPress, vulnerable in all versions up to 6.1.17 due to disabled PayPal IPN verification (disable_ipn_verification defaults to 'yes' in PayPalSettings.php). This enables unauthenticated attackers to send forged PayPal IPN notifications to th...

Improper Following of a Certificate's Chain of Trust

Overview Affected versions of this package are vulnerable to Improper Following of a Certificate's Chain of Trust in the exposed API endpoints that do not enforce authentication or authorization checks. An attacker can access and retrieve sensitive data associated with arbitrary records by direct...

WordPress plugin Fluent Forms Pro Add On Pack 数据伪造问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-25930

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form LBF printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...

CVE-2026-25743

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, users with the "Forms administration" role can fill questionnaires "forms" in patient encounters. The answers to the forms are displayed on the encounter page and in th...

CVE-2026-25930

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form LBF printable view accepts formid and visitid or patientid from the request and does not verify that the form belongs to the current user’s...

CVE-2026-25743

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, users with the "Forms administration" role can fill questionnaires "forms" in patient encounters. The answers to the forms are displayed on the encounter page and in th...