16 matches found
EUVD-2025-11473
Malicious code in bioql PyPI...
EUVD-2025-11504
Malicious code in bioql PyPI...
CVE-2025-3247
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 6.0.5 via the 'wpcf7stripeskipspamcheck' function due to insufficient validation on a user controlled key. This makes it possible for unauthenticated attackers to reuse a single Stripe...
CVE-2025-3479
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handlestripesingle' function due to insufficient validation on a user controlled key. This makes it possible for...
CVE-2025-3479
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handlestripesingle' function due to insufficient validation on a user controlled key. This makes it possible for...
CVE-2025-3479
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handlestripesingle' function due to insufficient validation on a user controlled key. This makes it possible for...
CVE-2025-3479 Forminator <= 1.42.0 - Order Replay Vulnerability
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handlestripesingle' function due to insufficient validation on a user controlled key. This makes it possible for...
CVE-2025-3479
Forminator Forms – Contact Form, Payment Form & Custom Form Builder for WordPress is vulnerable to an Order Replay flaw (CVE-2025-3479) in versions up to 1.42.0 due to insufficient validation of a user-controlled key in the handle_stripe_single path. This allows an unauthenticated attacker to reu...
CVE-2025-3479 Forminator <= 1.42.0 - Order Replay Vulnerability
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handlestripesingle' function due to insufficient validation on a user controlled key. This makes it possible for...
WordPress plugin Forminator Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2025-3247
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 6.0.5 via the 'wpcf7stripeskipspamcheck' function due to insufficient validation on a user controlled key. This makes it possible for unauthenticated attackers to reuse a single Stripe...
CVE-2025-3247
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 6.0.5 via the 'wpcf7stripeskipspamcheck' function due to insufficient validation on a user controlled key. This makes it possible for unauthenticated attackers to reuse a single Stripe...
CVE-2025-3247 Contact Form 7 <= 6.0.5 - Order Replay Vulnerability
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 6.0.5 via the 'wpcf7stripeskipspamcheck' function due to insufficient validation on a user controlled key. This makes it possible for unauthenticated attackers to reuse a single Stripe...
CVE-2025-3247
CVE-2025-3247 – Contact Form 7 (WordPress) is a vulnerability in all versions up to and including 6.0.5 where insufficient validation in the wpcf7_stripe_skip_spam_check key allows an unauthenticated attacker to replay a single Stripe PaymentIntent across multiple transactions. The first transact...
CVE-2025-3247 Contact Form 7 <= 6.0.5 - Order Replay Vulnerability
The Contact Form 7 plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 6.0.5 via the 'wpcf7stripeskipspamcheck' function due to insufficient validation on a user controlled key. This makes it possible for unauthenticated attackers to reuse a single Stripe...
WordPress plugin Contact Form 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...