685 matches found
CVE-2024-6550
CVE-2024-6550 refers to Gravity Forms: Multiple Form Instances for WordPress. The connected Red Hat entry confirms a Full Path Disclosure in versions up to 1.1.1 caused by test files with display_errors on, allowing unauthenticated access to the web app path. Impact is Information Exposure (low c...
WordPress Gravity Forms: Multiple Form Instances Plugin <= 1.1.1 is vulnerable to Full Path Disclosure (FPD)
Software Gravity Forms: Multiple Form Instances Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6550 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID af3116244e6e Credits...
WordPress plugin Gravity Forms security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Magic Conversation For Gravity Forms plugin <= 3.0.96 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Magic Conversation For Gravity Forms versions = 3.0.96...
WordPress Tooltip for Gravity Forms plugin <= 2.9 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Tooltip for Gravity Forms versions = 2.9...
WordPress Integration for Luminate and Gravity Forms plugin <= 1.3.3 - Malicious Polyfill.io Embed vulnerability
Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Integration for Luminate and Gravity Forms versions = 1.3.3...
WordPress Tooltip for Gravity Forms Plugin <= 2.9 is vulnerable to Backdoor
Software Tooltip for Gravity Forms Type Plugin Vulnerable versions = 2.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 852a3f555d15 Credits Sansec.io Required privilege Unauthenticated Published 3...
WordPress Integration for Luminate and Gravity Forms Plugin <= 1.3.3 is vulnerable to Backdoor
Software Integration for Luminate and Gravity Forms Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0d71ccb64282 Credits Sansec.io Required privilege...
WordPress Magic Conversation For Gravity Forms Plugin <= 3.0.94 is vulnerable to Backdoor
Software Magic Conversation For Gravity Forms Type Plugin Vulnerable versions = 3.0.94 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5926a0e977a5 Credits Sansec.io Required privilege Unauthenticated...
Malicious code in gravityforms (npm)
--- -= Per source details. Do not edit below this line.=-...
WordPress GP Unique ID plugin <= 1.5.5 - Unauthenticated Form Submission Unique ID Modification vulnerability
Unauthenticated Form Submission Unique ID Modification vulnerability discovered by Karl Emil Nikka in WordPress Plugin Gravity Forms Unique ID versions = 1.5.5...
WordPress Gravity Forms Unique ID Plugin <= 1.5.5 is vulnerable to Content Spoofing
Software Gravity Forms Unique ID Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A3: Injection Classification Content Spoofing CVE CVE-2024-0710 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID deacdbc2e22e Credits Karl Emil Nikka Required privilege...
CVE-2023-51358
Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...
CVE-2023-51358
Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...
CVE-2023-51358 WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...
CVE-2023-51358
CVE-2023-51358 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Block IPs for Gravity Forms . Public records indicate it affects the Gravity Forms Block IPs feature up to version 1.0.1 , with patches applying in newer releases. The connected documents do not provide ex...
PT-2023-31789 · Unknown · Bright Plugins Block Ips For Gravity Forms
Name of the Vulnerable Software and Affected Versions: Bright Plugins Block IPs for Gravity Forms versions 1.0.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed. This can be exploited by tricking a user into...
WordPress Plugin Block IPs for Gravity Forms Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...
WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Block IPs for Gravity Forms Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.0.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51358 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 53836d95b664 Credits Nguyen...