CVE-2023-47829

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Codez Quick Call Button plugin = 1.2.9 versions...

CVE-2023-23889

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

CVE-2023-23885

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...

CVE-2023-23974

Cross-Site Request Forgery CSRF vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 affecting all registration actions delete, delete all, edit, update...

CVE-2023-46989

SQL Injection vulnerability in the Innovadeluxe Quick Order module for PrestaShop before v.1.4.0, allows local attackers to execute arbitrary code via the getProducts function in the productlist.php file...

CVE-2023-43343

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Files - Description parameter in the Pages Menu component...

CVE-2023-40659

A reflected XSS vulnerability was discovered in the Easy Quick Contact module for Joomla...

CVE-2023-33194

Craft is a CMS for creating custom digital experiences on the web.The platform does not filter input and encode output in Quick Post validation error message, which can deliver an XSS payload. Old CVE fixed the XSS in label HTML but didn’t fix it when clicking save. This issue was patched in...

CVE-2023-31497

Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security EPS all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system...

CVE-2023-23491

The Quick Event Manager WordPress Plugin, version 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qemajaxcalendar' action...

CVE-2023-21462

The sensitive information exposure vulnerability in Quick Share Agent prior to versions 3.5.14.18 in Android 12 and 3.5.16.20 in Android 13 allows to local attacker to access MAC address without related permission...

CVE-2023-23979

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

CVE-2023-43346

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component...

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

CVE-2023-6494

The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2023-42544

Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files...

CVE-2023-43342

Cross-site scripting XSS vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Languages Menu component...

CVE-2022-46863

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.6.4 versions...

WordPress plugin Quick Contact Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

PT-2025-22783 · Fullworks · Fullworks Quick Contact Form

Name of the Vulnerable Software and Affected Versions: fullworks Quick Contact Form versions n/a through 8.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables potential...