Lucene search
K

685 matches found

Patchstack
Patchstack
added 2025/04/30 8:26 p.m.6 views

WordPress Gravity Forms WebHooks plugin <= 1.6.0 - Authenticated (Admin+) Server-Side Request Forgery via Webhook vulnerability

Authenticated Admin+ Server-Side Request Forgery via Webhook vulnerability discovered by Francesco Carlucci in WordPress Plugin Gravity Forms WebHooks versions = 1.6.0...

5.5CVSS8.9AI score0.00213EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/25 11:19 p.m.7 views

CVE-2025-39428

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders gravity-forms-css-themes-with-fontawesome-and-placeholder-support allows Stored XSS.This issue affects Gravity Forms CSS...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
NVD
NVD
added 2025/04/17 4:15 p.m.11 views

CVE-2025-39428

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders gravity-forms-css-themes-with-fontawesome-and-placeholder-support allows Stored XSS.This issue affects Gravity Forms CSS...

5.9CVSS0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/17 3:17 p.m.27 views

CVE-2025-39428 WordPress Gravity Forms CSS Themes with Fontawesome and Placeholders plugin <= 8.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders gravity-forms-css-themes-with-fontawesome-and-placeholder-support allows Stored XSS.This issue affects Gravity Forms CSS...

5.9CVSS0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/17 3:17 p.m.12 views

CVE-2025-39428 WordPress Gravity Forms CSS Themes with Fontawesome and Placeholders plugin <= 8.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maros Pristas Gravity Forms CSS Themes with Fontawesome and Placeholders allows Stored XSS. This issue affects Gravity Forms CSS Themes with Fontawesome and Placeholders: from n/a through 8.5...

5.9CVSS5.7AI score0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/04/17 3:17 p.m.52 views

CVE-2025-39428

CVE-2025-39428 : Cross-Site Scripting in Gravity Forms CSS Themes with Fontawesome and Placeholders (WordPress plugin) allows stored XSS. Affected: Gravity Forms CSS Themes with Fontawesome and Placeholders, versions n/a through 8.5. Root cause: improper input neutralization during web page gener...

5.9CVSS7.2AI score0.00225EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/17 10:19 a.m.22 views

WordPress Gravity Forms CSS Themes with Fontawesome and Placeholders plugin <= 8.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Gravity Forms CSS Themes with Fontawesome and Placeholders versions = 8.5...

5.9CVSS6.9AI score0.00225EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.5 views

WordPress plugin Gravity Forms CSS Themes with Fontawesome and Placeholders 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress...

5.9CVSS6AI score0.00225EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/03 9:27 p.m.7 views

CVE-2025-31551

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

9.3CVSS7.3AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/02 1:33 p.m.10 views

CVE-2025-31533

Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

5.3CVSS7.2AI score0.00371EPSS
Exploits0References1
NVD
NVD
added 2025/04/01 9:15 p.m.6 views

CVE-2025-31551

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

9.3CVSS0.00448EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/01 8:58 p.m.4 views

CVE-2025-31551 WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

9.3CVSS8.9AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2025/04/01 8:58 p.m.51 views

CVE-2025-31551

CVE-2025-31551 is an SQL Injection in the Salesmate Add-On for Gravity Forms (affected: Salesmate Add-On for Gravity Forms, from n/a through 2.0.3). The root cause is improper neutralization of input elements used in SQL commands. The exploit is reported as unauthenticated and network-based, pote...

9.3CVSS7.3AI score0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/01 8:58 p.m.14 views

CVE-2025-31551 WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows SQL Injection.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

9.3CVSS0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/01 12:0 a.m.4 views

WordPress plugin Salesmate Add-On for Gravity Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress...

9.3CVSS9.2AI score0.00448EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.3 views

PT-2025-14423 · Unknown · Salesmate Add-On For Gravity Forms

Name of the Vulnerable Software and Affected Versions: Salesmate Add-On for Gravity Forms versions n/a through 2.0.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...

9.3CVSS9.4AI score0.00448EPSS
Exploits0References6
Patchstack
Patchstack
added 2025/03/31 1:55 p.m.4 views

WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Salesmate Add-On for Gravity Forms versions = 2.0.3...

5.3CVSS7AI score0.00371EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/03/31 1:15 p.m.16 views

CVE-2025-31533

Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms gf-salesmate-add-on allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Salesmate Add-On for Gravity Forms: from n/a through = 2.0.3...

5.3CVSS0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/31 12:55 p.m.12 views

CVE-2025-31533 WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Salesmate.io Salesmate Add-On for Gravity Forms allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Salesmate Add-On for Gravity Forms: from n/a through 2.0.3...

5.3CVSS7.2AI score0.00371EPSS
Exploits0References1
CVE
CVE
added 2025/03/31 12:55 p.m.52 views

CVE-2025-31533

CVE-2025-31533 describes a Missing Authorization vulnerability in the Salesmate Add-On for Gravity Forms . Affected versions are up to 2.0.3, with a reported base score of 5.3 (Medium). The initial data indicates the issue allows accessing functionality not properly constrained by ACLs. The conne...

5.3CVSS7.2AI score0.00371EPSS
Exploits0References1
Rows per page
Query Builder