Lucene search
K

685 matches found

CVE
CVE
added 2024/07/10 3:32 a.m.47 views

CVE-2024-6550

CVE-2024-6550 refers to Gravity Forms: Multiple Form Instances for WordPress. The connected Red Hat entry confirms a Full Path Disclosure in versions up to 1.1.1 caused by test files with display_errors on, allowing unauthenticated access to the web app path. Impact is Information Exposure (low c...

5.3CVSS5.5AI score0.00456EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/07/10 12:0 a.m.10 views

WordPress Gravity Forms: Multiple Form Instances Plugin <= 1.1.1 is vulnerable to Full Path Disclosure (FPD)

Software Gravity Forms: Multiple Form Instances Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6550 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID af3116244e6e Credits...

5.3CVSS6.6AI score0.00456EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.4 views

WordPress plugin Gravity Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.5AI score0.00456EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/07/03 6:23 a.m.4 views

WordPress Magic Conversation For Gravity Forms plugin <= 3.0.96 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Magic Conversation For Gravity Forms versions = 3.0.96...

7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/03 6:23 a.m.5 views

WordPress Tooltip for Gravity Forms plugin <= 2.9 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Tooltip for Gravity Forms versions = 2.9...

7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/03 6:23 a.m.3 views

WordPress Integration for Luminate and Gravity Forms plugin <= 1.3.3 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Integration for Luminate and Gravity Forms versions = 1.3.3...

7AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.12 views

WordPress Tooltip for Gravity Forms Plugin <= 2.9 is vulnerable to Backdoor

Software Tooltip for Gravity Forms Type Plugin Vulnerable versions = 2.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 852a3f555d15 Credits Sansec.io Required privilege Unauthenticated Published 3...

7.2AI score
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.6 views

WordPress Integration for Luminate and Gravity Forms Plugin <= 1.3.3 is vulnerable to Backdoor

Software Integration for Luminate and Gravity Forms Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0d71ccb64282 Credits Sansec.io Required privilege...

7.2AI score
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/07/03 12:0 a.m.5 views

WordPress Magic Conversation For Gravity Forms Plugin <= 3.0.94 is vulnerable to Backdoor

Software Magic Conversation For Gravity Forms Type Plugin Vulnerable versions = 3.0.94 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5926a0e977a5 Credits Sansec.io Required privilege Unauthenticated...

7.2AI score
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 12:44 p.m.4 views

Malicious code in gravityforms (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Patchstack
Patchstack
added 2024/05/03 8:15 a.m.6 views

WordPress GP Unique ID plugin <= 1.5.5 - Unauthenticated Form Submission Unique ID Modification vulnerability

Unauthenticated Form Submission Unique ID Modification vulnerability discovered by Karl Emil Nikka in WordPress Plugin Gravity Forms Unique ID versions = 1.5.5...

5.3CVSS7AI score0.0103EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/05/03 12:0 a.m.12 views

WordPress Gravity Forms Unique ID Plugin <= 1.5.5 is vulnerable to Content Spoofing

Software Gravity Forms Unique ID Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A3: Injection Classification Content Spoofing CVE CVE-2024-0710 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID deacdbc2e22e Credits Karl Emil Nikka Required privilege...

5.3CVSS6.8AI score0.0103EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/12/29 1:15 p.m.10 views

CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

8.8CVSS0.00216EPSS
Exploits0References1
OSV
OSV
added 2023/12/29 1:15 p.m.4 views

CVE-2023-51358

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

8.8CVSS7.3AI score0.00216EPSS
Exploits0References1
Prion
Prion
added 2023/12/29 1:15 p.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

6.8CVSS7.2AI score0.00216EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/29 12:11 p.m.17 views

CVE-2023-51358 WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Bright Plugins Block IPs for Gravity Forms.This issue affects Block IPs for Gravity Forms: from n/a through 1.0.1...

5.4CVSS8.9AI score0.00216EPSS
Exploits0References1
CVE
CVE
added 2023/12/29 12:11 p.m.65 views

CVE-2023-51358

CVE-2023-51358 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Block IPs for Gravity Forms . Public records indicate it affects the Gravity Forms Block IPs feature up to version 1.0.1 , with patches applying in newer releases. The connected documents do not provide ex...

8.8CVSS8.5AI score0.00216EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/29 12:0 a.m.9 views

PT-2023-31789 · Unknown · Bright Plugins Block Ips For Gravity Forms

Name of the Vulnerable Software and Affected Versions: Bright Plugins Block IPs for Gravity Forms versions 1.0.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software, allowing unauthorized actions to be performed. This can be exploited by tricking a user into...

8.8CVSS8.9AI score0.00216EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.3 views

WordPress Plugin Block IPs for Gravity Forms Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

8.8CVSS6.5AI score0.00216EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/12/26 12:0 a.m.10 views

WordPress Block IPs for Gravity Forms Plugin <= 1.0.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Block IPs for Gravity Forms Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.0.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-51358 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 53836d95b664 Credits Nguyen...

8.8CVSS6.7AI score0.00216EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder