PT-2025-45034

Name of the Vulnerable Software and Affected Versions Salesforce Agentforce Vibes Extension versions prior to 3.2.0 Description An issue exists in Salesforce Agentforce Vibes Extension related to improper neutralization of input used for LLM prompting, potentially allowing manipulation of writabl...

WordPress Time Tracker plugin <= 3.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update and Limited Data Deletion vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Options Update and Limited Data Deletion vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Time Tracker versions = 3.1.0...

PT-2023-28375 · WordPress · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime WordPress plugin versions prior to 3.2.0 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because some parameters are not properly sanitised and escaped before being outputted back in the pag...

WordPress Metform Elementor Contact Form Builder Plugin < 3.2.0 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpmet:metformelementorcontactformbuilder"; if description...

phpMyFAQ < 3.2.0 XSS Vulnerability

phpMyFAQ is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyfaq:phpmyfaq"...