Lucene search
K

14 matches found

NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-56058

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.31 views

CVE-2026-56058 WordPress Quform plugin <= 2.23.0 - Arbitrary File Upload vulnerability

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS0.00362EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.21 views

CVE-2026-56058

CVE-2026-56058 affects the WordPress Quform plugin, specifically versions up to 2.23.0, with a Subscriber Arbitrary File Upload vulnerability. The connected records confirm the affected product and vulnerability class but do not provide root-cause details or a patch/version to remediate within th...

9.9CVSS5.8AI score0.00362EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.6 views

EUVD-2026-39712

Subscriber Arbitrary File Upload in Quform = 2.23.0 versions...

9.9CVSS5.8AI score0.00362EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-49399

Malicious code in bioql PyPI...

5.3CVSS8.6AI score0.00374EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:17 a.m.4 views

CVE-2024-8756

The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...

5.3CVSS6.6AI score0.00374EPSS
Exploits0References1
NVD
NVD
added 2024/11/09 6:15 a.m.13 views

CVE-2024-8756

The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...

5.3CVSS0.00374EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/09 5:40 a.m.25 views

CVE-2024-8756 Quform - WordPress Form Builder <= 2.20.0 - Unauthenticated Sensitive Information Exposure

The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...

5.3CVSS0.00374EPSS
Exploits0References2
CVE
CVE
added 2024/11/09 5:40 a.m.49 views

CVE-2024-8756

CVE-2024-8756 affects Quform - WordPress Form Builder plugin. Vulnerable in all versions

5.3CVSS5.1AI score0.00374EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/09 5:40 a.m.14 views

CVE-2024-8756 Quform - WordPress Form Builder <= 2.20.0 - Unauthenticated Sensitive Information Exposure

The Quform - WordPress Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.20.0 via the 'saveUploadedFile' function. This makes it possible for unauthenticated attackers to extract sensitive data, such as Personally Identifiabl...

5.3CVSS6.8AI score0.00374EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.3 views

WordPress plugin Quform 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information...

5.3CVSS7.7AI score0.00374EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/08 10:53 p.m.5 views

WordPress Quform plugin <= 2.20.0 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by shaman0x01 in WordPress Plugin Quform versions = 2.20.0...

5.3CVSS7AI score0.00374EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.5 views

PT-2024-39230 · WordPress · Quform

Name of the Vulnerable Software and Affected Versions: The Quform - WordPress Form Builder plugin versions up to, and including, 2.20.0 Description: The issue allows unauthenticated attackers to extract sensitive data, such as Personally Identifiable Information, from files uploaded by users via...

5.3CVSS7AI score0.00374EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.14 views

WordPress Quform Plugin <= 2.20.0 is vulnerable to Sensitive Data Exposure

Software Quform Type Plugin Vulnerable versions = 2.20.0 Fixed in 2.21.0 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-8756 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 451215aa5719 Credits shaman0x01 Required privilege...

5.3CVSS6.9AI score0.00374EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder