WordPress WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin <= 8.0.7 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto versions = 8.0.7...

CVE-2025-1530

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site...

EUVD-2021-23471

Malware in sbrugna...

EUVD-2024-54085

Malicious code in bioql PyPI...

EUVD-2025-2695

Malicious code in bioql PyPI...

EUVD-2024-51756

Malicious code in bioql PyPI...

WordPress Tripetto plugin <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion vulnerability

Cross-Site Request Forgery to Arbitrary Results Deletion vulnerability discovered by Duc Manh in WordPress Plugin WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto versions = 8.0.9...

CVE-2025-1530

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site...

CVE-2025-1530

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site...

CVE-2025-1530 Tripetto <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site...

CVE-2025-1530

CVE-2025-1530 : The Tripetto WordPress plugin is vulnerable to Cross-Site Request Forgery (CSRF) in all versions up to and including 8.0.9 due to missing nonce validation. This can allow unauthenticated attackers to delete arbitrary results by tricking a site administrator into performing an acti...

CVE-2024-13497

The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via attachment uploads in all versions up to, and including, 8.0.9 due to insufficient input sanitization and output escaping. This makes it possib...

CVE-2024-13497 WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto <= 8.0.9 - Unauthenticated Stored Cross-Site Scripting

The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via attachment uploads in all versions up to, and including, 8.0.9 due to insufficient input sanitization and output escaping. This makes it possib...

CVE-2024-13497

The CVE-2024-13497 entry concerns the WordPress plugin Tripetto (WordPress form builder) up to version 8.0.9. Concrete details from connected sources indicate a Stored Cross-Site Scripting vulnerability via attachment uploads caused by insufficient input sanitization and output escaping. This all...

CVE-2024-13497 WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto <= 8.0.9 - Unauthenticated Stored Cross-Site Scripting

The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via attachment uploads in all versions up to, and including, 8.0.9 due to insufficient input sanitization and output escaping. This makes it possib...

WordPress plugin Tripetto 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

WordPress plugin Tripetto 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Tripetto plugin <= 8.0.9 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto versions = 8.0.9...

CVE-2025-22295

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tripetto WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto tripetto allows Stored XSS.This issue affects WordPress form builder plugin for contact forms, surveys and...

WordPress WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin <= 8.0.8 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto versions = 8.0.8...