14 matches found
CVE-2026-56058
Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...
CVE-2026-56058 WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...
CVE-2026-56058
CVE-2026-56058 affects the WordPress Quform plugin, specifically versions up to 2.23.0, with a Subscriber Arbitrary File Upload vulnerability. The connected records confirm the affected product and vulnerability class but do not provide root-cause details or a patch/version to remediate within th...
EUVD-2026-39712
Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...
EUVD-2024-49399
Malicious code in bioql PyPI...
CVE-2024-8756
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...
CVE-2024-8756
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...
CVE-2024-8756 Quform - WordPress Form Builder <= 2.20.0 - Unauthenticated Sensitive Information Exposure
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...
CVE-2024-8756
CVE-2024-8756 affects Quform - WordPress Form Builder plugin. Vulnerable in all versions
CVE-2024-8756 Quform - WordPress Form Builder <= 2.20.0 - Unauthenticated Sensitive Information Exposure
The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...
WordPress plugin Quform 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information...
WordPress Quform plugin <= 2.20.0 - Unauthenticated Sensitive Information Exposure vulnerability
Unauthenticated Sensitive Information Exposure vulnerability discovered by shaman0x01 in WordPress Plugin Quform versions = 2.20.0...
PT-2024-39230 · WordPress · Quform
Name of the Vulnerable Software and Affected Versions: The Quform - WordPress Form Builder plugin versions up to, and including, 2.20.0 Description: The issue allows unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users via...
WordPress Quform Plugin <= 2.20.0 is vulnerable to Sensitive Data Exposure
Software Quform Type Plugin Vulnerable versions = 2.20.0 Fixed in 2.21.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8756 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 451215aa5719 Credits shaman0x01 Required privilege...