CVE-2024-42901

A CSV injection vulnerability in Lime Survey v6.5.12 allows attackers to execute arbitrary code via uploading a crafted CSV file...

CVE-2021-24835

The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible WordPress plugin before 6.5.12, when used in combination with another WCFM - WooCommerce Multivendor plugin such as WCFM - WooCommerce Multivendor Marketplace, does not escape the withdrawalvendor...

LimeSurvey < 6.5.12 XSS Vulnerability

LimeSurvey is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2024-30195 · Unknown · Limesurvey

Name of the Vulnerable Software and Affected Versions: Lime Survey version 6.5.12 Description: A CSV injection vulnerability in Lime Survey allows attackers to execute arbitrary code via uploading a crafted CSV file. This issue enables attackers to upload specially crafted CSV files, which can le...

WordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.5.11 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by JrXnm in WordPress WCFM – Frontend Manager for WooCommerce plugin versions = 6.5.11. Solution Update the WordPress WCFM – Frontend Manager for WooCommerce plugin to the latest available version at least 6.5.12...