CVE-2026-32484

CVE-2026-32484 affects WordPress BoldGrid weForms plugin (versions n/a through 1.6.26). The vulnerability is due to deserialization of untrusted data, enabling PHP object injection in weForms. CVSS 3.1 base score 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and privileges require...

CVE-2025-69028

Missing Authorization vulnerability in BoldGrid weForms weforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weForms: from n/a through = 1.6.25...

EUVD-2023-56236

Malicious code in bioql PyPI...

EUVD-2024-30314

Malicious code in bioql PyPI...

EUVD-2023-55629

Malicious code in bioql PyPI...

CVE-2024-32512

Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing Important Client Functionality.This issue affects weForms: from n/a through 1.6.20...

CVE-2024-30512

Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20...

CVE-2024-30512

Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20...

PT-2024-15520 · WordPress · Weforms

Name of the Vulnerable Software and Affected Versions: weForms plugin for WordPress versions up to, and including, 1.6.21 Description: The issue is related to Stored Cross-Site Scripting via the 'Referer' HTTP header due to insufficient input sanitization and output escaping. This allows...

WordPress Plugin weForms Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...