30 matches found
CVE-2025-62738
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
EUVD-2025-202022
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
CVE-2025-62738
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
CVE-2025-62738 WordPress Formstack Online Forms plugin <= 2.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
CVE-2025-62738 WordPress Formstack Online Forms plugin <= 2.0.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
CVE-2025-62738
CVE-2025-62738 involves a missing authorization vulnerability in the WordPress plugin Formstack Online Forms (versions n/a through 2.0.2). The issue arises from incorrectly configured access control, enabling unauthorized access. The available connected documents do not provide a remediation or p...
WordPress plugin Formstack Online Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...
PT-2025-50007
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
WordPress iATS Online Forms plugin SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress iATS Online Forms plugin, which stems from a temporal SQL injection in the parameter order, which can be exploited by an...
WordPress iATS Online Forms plugin <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter vulnerability
Authenticated Contributor+ SQL Injection via order Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin iATS Online Forms versions = 1.2...
CVE-2025-9441
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9441 iATS Online Forms <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9441 iATS Online Forms <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter
The iATS Online Forms plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order' parameter in all versions up to, and including, 1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
WordPress plugin iATS Online Forms SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A SQL injection vulnerability exists in the WordPress iATS Online Forms plugin, which stems from a temporal SQL injection in the parameter order, which can be exploited by an...
PT-2025-35191
Name of the Vulnerable Software and Affected Versions: iATS Online Forms plugin for WordPress versions up to and including 1.2 Description: The iATS Online Forms plugin for WordPress is susceptible to time-based SQL Injection via the order parameter. Insufficient escaping of user-supplied input a...
CVE-2024-32527
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through 1.3.1...
CVE-2024-2542
The Jotform Online Forms – Drag & Drop Form Builder, Securely Embed Contact Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-2542
The CVE-2024-2542 issue affects the Jotform Online Forms – Drag & Drop Form Builder, Securely Embed Contact Forms WordPress plugin up to version 1.3.1, with stored XSS via shortcode attributes. Root cause is insufficient input sanitization and output escaping, enabling authenticated users with co...
WordPress plugin Jotform Online Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-32527
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through 1.3.1...