CVE-2025-47690

Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through = 3.1...

CVE-2025-47690 WordPress Lead Form Data Collection to CRM plugin <= 3.1 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through = 3.1...

CVE-2025-47690 WordPress Lead Form Data Collection to CRM plugin <= 3.1 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in Smackcoders Inc., Lead Form Data Collection to CRM wp-leads-builder-any-crm allows Privilege Escalation.This issue affects Lead Form Data Collection to CRM: from n/a through = 3.1...

CVE-2025-47690

The CVE-2025-47690 entry concerns the WordPress plugin Lead Form Data Collection to CRM. A missing authorization check in the plugin’s AJAX handling (LB_admin_ajax.php) affects all versions up to 3.1, enabling authenticated users with Subscriber-level access and above to perform privileged action...

CVE-2024-1415

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.9. This is due to missing or incorrect nonce validation on several functions. This makes it possible for unauthenticated attacker...

CVE-2023-48325

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in PluginOps Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages.This issue affects Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing Pages: from n/a through 1.5.1.5...

CVE-2023-51532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

CVE-2022-47865

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeOrder.php...

CVE-2022-47864

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeCategories.php...

CVE-2022-47862

Lead Management System v1.0 is vulnerable to SQL Injection via the customerid parameter in ajaxrepresent.php...

CVE-2022-47860

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeProduct.php...

CVE-2022-47861

Lead Management System v1.0 is vulnerable to SQL Injection via the id parameter in removeLead.php...

Revisiting Adversarial Perception Attacks and Defense Methods on Autonomous Driving Systems

Autonomous driving systems ADS increasingly rely on deep learning-based perception models, which remain vulnerable to adversarial attacks. In this paper, we revisit adversarial attacks and defense methods, focusing on road sign recognition and lead object detection and prediction e.g., relative...

WordPress plugin Lead Form Data Collection to CRM 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in...

CVE-2022-47859

Lead Management System v1.0 is vulnerable to SQL Injection via the userid parameter in changePassword.php...

CVE-2022-47866

Lead management system v1.0 is vulnerable to SQL Injection via the id parameter in removeBrand.php...

CVE-2021-39198

OroCRM is an open source Client Relationship Management CRM application. Affected versions we found to suffer from a vulnerability which could an attacker is able to disqualify any Lead with a Cross-Site Request Forgery CSRF attack. There are no workarounds that address this vulnerability and all...

CVE-2020-35704

Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Lead screen...

CVE-2012-6312

Cross-site scripting XSS vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form action to wp-admin/admin.php...

CVE-2019-19306

The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName...