25 matches found
EUVD-2026-33650
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a through 2.10.0.1...
EUVD-2023-32417
Malicious code in bioql PyPI...
EUVD-2022-4789
Malicious code in bioql PyPI...
CVE-2020-27851
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
CVE-2020-27852
A stored Cross-Site Scripting XSS vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role Administrator, Editor, etc...
CVE-2023-28782
Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3...
Deserialization of untrusted data
Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3...
CVE-2023-28782 WordPress Gravity Forms Plugin <= 2.7.3 is vulnerable to PHP Object Injection
Deserialization of Untrusted Data vulnerability in Rocketgenius Inc. Gravity Forms.This issue affects Gravity Forms: from n/a through 2.7.3...
CVE-2023-28782
Described vulnerability CVE-2023-28782 affects Gravity Forms WordPress plugin versions
GHSA-FCJ2-RXQC-294C Gravity Forms stored HTML injection vulnerability
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
GHSA-PJV5-V9GV-3679 Gravity Forms stored Cross-Site Scripting (XSS) vulnerability in the survey feature
A stored Cross-Site Scripting XSS vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role Administrator, Editor, etc...
Gravity Forms stored HTML injection vulnerability
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
Gravity Forms stored Cross-Site Scripting (XSS) vulnerability in the survey feature
A stored Cross-Site Scripting XSS vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role Administrator, Editor, etc...
GHSA-WMH7-782F-XFW5 Gravity Forms stored Cross-Site Scripting (XSS) vulnerability
A stored Cross-Site Scripting XSS vulnerability in forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. This code is interpreted by users in a privileged role Administrator, Editor, etc...
CVE-2020-27850
A stored Cross-Site Scripting XSS vulnerability in forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. This code is interpreted by users in a privileged role Administrator, Editor, etc...
CVE-2020-27851
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
Cross site scripting
A stored Cross-Site Scripting XSS vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role Administrator, Editor, etc...
Design/Logic Flaw
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
CVE-2020-27851
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
CVE-2020-27851
CVE-2020-27851 concerns a vulnerability in a paid add-on for Gravity Forms (before 2.4.21) where stored HTML injection can be triggered through poll or quiz answers. The issue allows remote attackers to inject arbitrary HTML code, which would be interpreted by users with privileged roles (Adminis...