Lucene search
K

685 matches found

CNNVD
CNNVD
added 2025/03/31 12:0 a.m.4 views

WordPress plugin Salesmate Add-On for Gravity Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

5.3CVSS8.3AI score0.00371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/07 9:49 a.m.8 views

CVE-2025-24629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpgear Import Excel to Gravity Forms gf-excel-import allows Reflected XSS.This issue affects Import Excel to Gravity Forms: from n/a through = 1.18...

7.1CVSS7.2AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 8:36 a.m.6 views

CVE-2024-47624

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bannersky BSK Forms Blacklist bsk-gravityforms-blacklist allows Reflected XSS.This issue affects BSK Forms Blacklist: from n/a through = 3.8.1...

7.1CVSS5.9AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:56 p.m.8 views

CVE-2024-13377

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alt’ parameter in all versions up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

7.2CVSS6.1AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2025/02/03 3:15 p.m.8 views

CVE-2025-24629

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpgear Import Excel to Gravity Forms gf-excel-import allows Reflected XSS.This issue affects Import Excel to Gravity Forms: from n/a through = 1.18...

7.1CVSS0.003EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/03 2:22 p.m.12 views

CVE-2025-24629 WordPress Import Excel to Gravity Forms Plugin <= 1.18 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpgear Import Excel to Gravity Forms gf-excel-import allows Reflected XSS.This issue affects Import Excel to Gravity Forms: from n/a through = 1.18...

7.1CVSS7.2AI score0.003EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/03 2:22 p.m.25 views

CVE-2025-24629 WordPress Import Excel to Gravity Forms Plugin <= 1.18 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpgear Import Excel to Gravity Forms gf-excel-import allows Reflected XSS.This issue affects Import Excel to Gravity Forms: from n/a through = 1.18...

7.1CVSS0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/03 12:0 a.m.6 views

PT-2025-5457 · Unknown · Wpgear Import Excel To Gravity Forms

Name of the Vulnerable Software and Affected Versions: WPGear Import Excel to Gravity Forms versions 1.18 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting', which allows Reflected XSS. This enables...

7.1CVSS7AI score0.003EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/02/03 12:0 a.m.4 views

WordPress plugin Import Excel to Gravity Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

7.1CVSS7.9AI score0.003EPSS
Exploits0References1
NVD
NVD
added 2025/01/22 3:15 p.m.8 views

CVE-2025-23921

Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web Server.This issue affects Multi Uploader for Gravity Forms: from n/a through = 1.1.3...

9CVSS0.00508EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/22 2:29 p.m.29 views

CVE-2025-23921 WordPress Multi Uploader for Gravity Forms plugin <= 1.1.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web Server.This issue affects Multi Uploader for Gravity Forms: from n/a through = 1.1.3...

9CVSS0.00508EPSS
Exploits0References1
CVE
CVE
added 2025/01/22 2:29 p.m.87 views

CVE-2025-23921

The vulnerability CVE-2025-23921 affects the WordPress plugin Multi Uploader for Gravity Forms (notFound) and is described as Unrestricted Upload of File with Dangerous Type, enabling uploading a web shell to the web server. Public details indicate the issue affects versions from an unspecified s...

9CVSS7.2AI score0.00508EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/22 2:29 p.m.13 views

CVE-2025-23921 WordPress Multi Uploader for Gravity Forms plugin <= 1.1.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web Server.This issue affects Multi Uploader for Gravity Forms: from n/a through = 1.1.3...

9CVSS7.2AI score0.00508EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/22 12:0 a.m.4 views

WordPress plugin Multi Uploader for Gravity Forms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9CVSS8.6AI score0.00508EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/01/20 12:0 a.m.6 views

WordPress Import Excel to Gravity Forms Plugin <= 1.18 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Import Excel to Gravity Forms versions = 1.18...

7.1CVSS6.1AI score0.003EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/01/17 10:15 a.m.19 views

CVE-2024-13377

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alt’ parameter in all versions up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

7.2CVSS0.00309EPSS
Exploits0References2
NVD
NVD
added 2025/01/17 10:15 a.m.31 views

CVE-2024-13378

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘stylesettings’ parameter in versions 2.9.0.1 up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

5.4CVSS0.00281EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/17 9:36 a.m.13 views

CVE-2024-13378 GravityForms 2.9.0.1 - 2.9.1.3 - Unauthenticated Stored Cross-Site Scripting via 'style_settings' parameter

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘stylesettings’ parameter in versions 2.9.0.1 up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

5.4CVSS5.2AI score0.00281EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/17 9:36 a.m.29 views

CVE-2024-13378 GravityForms 2.9.0.1 - 2.9.1.3 - Unauthenticated Stored Cross-Site Scripting via 'style_settings' parameter

The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘stylesettings’ parameter in versions 2.9.0.1 up to, and including, 2.9.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

5.4CVSS0.00281EPSS
Exploits0References2
CVE
CVE
added 2025/01/17 9:36 a.m.62 views

CVE-2024-13378

CVE-2024-13378 (Gravity Forms, WordPress) : Stored Cross-Site Scripting via the style_settings parameter in Gravity Forms versions 2.9.0.1–2.9.1.3 due to insufficient input sanitization and output escaping. Vulnerability allows unauthenticated attackers to inject scripts that execute when a user ...

5.4CVSS5.2AI score0.00281EPSS
Exploits0References2
Rows per page
Query Builder