12 matches found
EUVD-2022-4789
Malicious code in bioql PyPI...
CVE-2020-27851
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allow remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
CVE-2020-27852
A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role Administrator, Editor, etc...
CVE-2020-27850
A stored Cross-Site Scripting (XSS) vulnerability in the forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. This code is interpreted by users in a privileged role Administrator, Editor, etc...
CVE-2020-27851
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allow remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
Cross site scripting
A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role Administrator, Editor, etc...
Design/Logic Flaw
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allow remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
CVE-2020-27851
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allow remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role...
CVE-2020-27851
CVE-2020-27851 concerns a vulnerability in a paid add-on for Gravity Forms (before 2.4.21) where stored HTML injection can be triggered through poll or quiz answers. The issue allows remote attackers to inject arbitrary HTML code, which would be interpreted by users with privileged roles (Adminis...
CVE-2020-27852
The CVE-2020-27852 entry concerns Gravity Forms, a WordPress plugin, with a stored XSS in the survey feature exploitable via a textarea field before version 2.4.21. Affected: Gravity Forms (plugin) prior to 2.4.21. Root cause: unescaped/incorrect handling of textarea input in the survey feature t...
CVE-2020-27850
Gravity Forms (Rocketgenius) stored XSS via the forms import feature, affecting versions prior to 2.4.21. The vulnerability allows an attacker to inject arbitrary script/HTML that is then interpreted by users with privileged roles (Administrator, Editor, etc.). Root cause is improper handling of ...
Rocketgenius Gravity Forms Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via imported GF forms...