EUVD-2025-26533

Malicious code in bioql PyPI...

EUVD-2022-43492

Malicious code in bioql PyPI...

CVE-2025-58639

Missing Authorization vulnerability in Ali Khallad Contact Form By Mega Forms mega-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form By Mega Forms: from n/a through = 1.6.1...

WordPress Contact Form By Mega Forms Plugin <= 1.6.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Le Cong Danh vodanh in WordPress Plugin Contact Form By Mega Forms versions = 1.6.1...

CVE-2025-58639

Missing Authorization vulnerability in Ali Khallad Contact Form By Mega Forms mega-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form By Mega Forms: from n/a through = 1.6.1...

CVE-2025-58639 WordPress Contact Form By Mega Forms Plugin <= 1.6.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Ali Khallad Contact Form By Mega Forms mega-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form By Mega Forms: from n/a through = 1.6.1...

CVE-2025-58639 WordPress Contact Form By Mega Forms Plugin <= 1.6.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Ali Khallad Contact Form By Mega Forms mega-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form By Mega Forms: from n/a through = 1.6.1...

CVE-2025-58639

CVE-2025-58639 (WordPress) : The vulnerability is in the WordPress plugin Contact Form By Mega Forms , affected versions up to 1.6.1 . The issue is a Missing/Broken Authorization flaw due to incorrectly configured access control, enabling unauthorized actions as described in multiple sources (Pat...

WordPress plugin Contact Form By Mega Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

PT-2025-35767

Name of the Vulnerable Software and Affected Versions: Ali Khallad Contact Form By Mega Forms versions through 1.6.1 Description: The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations: Update Ali Khallad Contact Form By Me...

WordPress Contact Form By Mega Forms – Drag and Drop Form Builder Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form By Mega Forms – Drag and Drop Form Builder Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 5d66bb9d8b9f...

CVE-2022-40191

Authenticated subscriber+ Stored Cross-Site Scripting XSS vulnerability in Ali Khallad's Contact Form By Mega Forms plugin = 1.2.4 at WordPress...

CVE-2022-40191

Summary: CVE-2022-40191 affects the WordPress plugin “Ali Khallad’s Contact Form By Mega Forms” up to version 1.2.4. The issue is an authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability stemming from inadequate sanitization/escaping of input, enabling script injection by us...

CVE-2022-40191 WordPress Contact Form By Mega Forms plugin <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated subscriber+ Stored Cross-Site Scripting XSS vulnerability in Ali Khallad's Contact Form By Mega Forms plugin = 1.2.4 at WordPress...

PT-2022-25272 · WordPress · Ali Khallad'S Contact Form By Mega Forms

Name of the Vulnerable Software and Affected Versions: Ali Khallad's Contact Form By Mega Forms plugin versions = 1.2.4 Description: The issue is an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with subscriber or higher privileges can inject malicious...

WordPress plugin Contact Form By Mega Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Contact Form By Mega Forms plugin <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress Contact Form By Mega Forms plugin versions = 1.2.4. Solution Update the WordPress Contact Form By Mega Forms – Drag and Drop Form Builder plugin to the latest available version at...

Contact Form By Mega Forms < 1.2.5 - Subscriber+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some parameters, which could allow users with a role as low as subscriber to perform Stored Cross-Site Scripting attacks...