757 matches found
CVE-2025-68046
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...
CVE-2025-49050
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-49055
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-68046 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...
CVE-2025-68046
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...
CVE-2025-68046 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Retrieve Embedded Sensitive Data.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...
CVE-2025-68046
CVE-2025-68046 : Exposure of embedded sensitive data in WordPress plugin “ThemeHunk Contact Form & Lead Form Elementor Builder” (lead-form-builder)
CVE-2025-49050
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-49050 WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-49050 WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-49055 WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-49055
CVE-2025-49055 targets the WordPress plugin WP Lead Capturing Pages (wp-lead-capture), with an Unauthenticated Blind SQL Injection due to improper neutralization of input in versions up to and including 2.5. This vulnerability is categorized with CVSS 3.1/8.9? No; per metrics, base score 9.8 (CRI...
CVE-2025-49050
CVE-2025-49050 describes an SQL Injection in the WordPress plugin WP Lead Capturing Pages (wp-lead-capture) up to version 2.5. The issue is Improper Neutralization of Special Elements in SQL Commands, enabling Blind SQL Injection. Public references (NVD/Patchstack/Red Hat) confirm the vulnerabili...
CVE-2025-49055
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
CVE-2025-49055 WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in kamleshyadav WP Lead Capturing Pages wp-lead-capture allows Blind SQL Injection.This issue affects WP Lead Capturing Pages: from n/a through = 2.5...
PT-2026-3971
Name of the Vulnerable Software and Affected Versions kamleshyadav WP Lead Capturing Pages versions through 2.5 Description The software contains a flaw due to improper neutralization of special elements within SQL commands, leading to a SQL Injection issue. This allows for Blind SQL Injection. T...
WordPress plugin WP Lead Capturing has a SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-4070
Name of the Vulnerable Software and Affected Versions ThemeHunk Contact Form & Lead Form Elementor Builder versions through 2.0.1 Description A flaw exists in ThemeHunk Contact Form & Lead Form Elementor Builder that could allow retrieval of embedded sensitive data. The issue is related to the...
WordPress plugin wp-lead-capture has a SQL injection vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-3972
Name of the Vulnerable Software and Affected Versions kamleshyadav WP Lead Capturing Pages versions through 2.5 Description The software contains a flaw related to improper handling of special characters within SQL queries, potentially allowing for SQL Injection. This could allow an attacker to...