Lucene search
K

1275 matches found

EUVD
EUVD
added 2026/06/01 2:39 p.m.15 views

EUVD-2026-33650

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1...

9.6CVSS5.8AI score0.005EPSS
Exploits2References1
Patchstack
Patchstack
added 2026/06/01 1:42 p.m.14 views

WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by daroo in WordPress Plugin Gravity Forms versions = 2.10.0.1...

9.6CVSS5.8AI score0.005EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.20 views

PT-2026-45440

Name of the Vulnerable Software and Affected Versions Gravity Forms versions prior to 2.10.0.2 Description An improper limitation of a pathname to a restricted directory, known as Path Traversal, exists in Gravity Forms. This allows an attacker to access files and directories outside of the...

9.6CVSS5.8AI score0.005EPSS
Exploits2References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

WordPress plugin Gravity Forms 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

9.6CVSS5.4AI score0.005EPSS
Exploits2References1
GithubExploit
GithubExploit
added 2026/05/28 4:24 p.m.87 views

WireDown

WireDown Autonomous AI-Driven Honeypot in a Zero-Gravity Physi...

10CVSS7.5AI score0.85974EPSS
Exploits40
EUVD
EUVD
added 2026/05/06 12:30 p.m.6 views

EUVD-2026-27548

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 10:16 a.m.8 views

CVE-2026-1719

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS0.00336EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/06 9:36 a.m.8 views

WordPress Gravity Bookings plugin <= 2.5.9 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Gravity Forms Bookings premium versions = 2.5.9...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/06 9:27 a.m.5 views

CVE-2026-1719 Gravity Bookings <= 2.5.9 - Unauthenticated SQL Injection via 'category_id' Parameter

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/06 9:27 a.m.6 views

CVE-2026-1719

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 9:27 a.m.32 views

CVE-2026-1719 Gravity Bookings <= 2.5.9 - Unauthenticated SQL Injection via 'category_id' Parameter

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS0.00336EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 9:27 a.m.16 views

CVE-2026-1719

CVE-2026-1719 concerns the Gravity Bookings Premium WordPress plugin. Affected: Gravity Bookings Premium plugin for WordPress (versions up to and including 2.5.9). Issue: SQL Injection due to insufficient escaping of user-supplied input and inadequate preparation of the existing SQL query, enabli...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

WordPress plugin Gravity Bookings Premium SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37435

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS5.9AI score0.00336EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/05/05 11:30 a.m.8 views

WordPress Gravity Forms plugin <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by tadokun in WordPress Plugin Gravity Forms versions = 2.10.0...

7.2CVSS5.8AI score0.00247EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/05 11:29 a.m.9 views

WordPress Gravity Forms plugin <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by tadokun in WordPress Plugin Gravity Forms versions = 2.10.0...

7.2CVSS5.8AI score0.00245EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/05 11:28 a.m.24 views

WordPress Gravity Forms plugin <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by tadokun in WordPress Plugin Gravity Forms versions = 2.10.0...

7.2CVSS5.8AI score0.00251EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/05 11:8 a.m.9 views

WordPress Gravity Forms plugin <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by tadokun in WordPress Plugin Gravity Forms versions = 2.10.0...

7.2CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/05 11:7 a.m.13 views

WordPress Gravity Forms plugin <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by tadokun in WordPress Plugin Gravity Forms versions = 2.10.0...

7.2CVSS5.8AI score0.00239EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.36 views

CVE-2026-5112

The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping of Calculation Product field product names when rendered inside Repeater fields. The validat...

7.2CVSS6AI score0.00232EPSS
Exploits0References1
Rows per page
Query Builder