CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

EUVD•added 2026/03/25 6:31 p.m.•2 views

EUVD-2026-15903

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Stored XSS.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

7.1CVSS5.8AI score0.00045EPSS

Exploits0References2

NVD•added 2026/03/25 5:17 p.m.•2 views

CVE-2026-32532

7.1CVSS0.00045EPSS

Exploits0References1

CVE•added 2026/03/25 4:15 p.m.•3 views

CVE-2026-32532

WordPress plugin: Contact Form & Lead Form Elementor Builder (versions ≤ 2.0.1) has a Cross Site Scripting (XSS) vulnerability. Discovered by daroo. The Patchstack entry confirms the affected plugin and the XSS issue; no fix version is stated in the provided documents.

7.1CVSS5.8AI score0.00045EPSS

Exploits0References1

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4070

Name of the Vulnerable Software and Affected Versions ThemeHunk Contact Form & Lead Form Elementor Builder versions through 2.0.1 Description A flaw exists in ThemeHunk Contact Form & Lead Form Elementor Builder that could allow retrieval of embedded sensitive data. The issue is related to the...

5.3AI score0.00056EPSS

Exploits0References3

Vulnrichment•added 2025/05/15 8:6 p.m.•8 views

CVE-2024-10475 Lead Form Builder < 1.9.8 - Admin+ Stored XSS

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin before 1.9.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed f...

4.8AI score0.00166EPSS

Exploits1References1