Lucene search
K

5 matches found

Patchstack
Patchstack
added 2024/01/17 12:0 a.m.10 views

WordPress Contact Form builder with drag & drop - Kali Forms Plugin <= 2.3.36 is vulnerable to Insecure Direct Object References (IDOR)

Software Contact Form builder with drag & drop - Kali Forms Type Plugin Vulnerable versions = 2.3.36 Fixed in 2.3.37 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-22305 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership...

8.1CVSS6.5AI score0.00453EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/10/16 12:0 a.m.15 views

WordPress Contact Form Builder, Contact Widget Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Builder, Contact Widget Type Plugin Vulnerable versions = 2.1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-46075 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c2d6ac7f320 Credit...

7.1CVSS5.6AI score0.00331EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/06/05 12:0 a.m.12 views

WordPress Contact Form Builder by vcita Plugin <= 4.10.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Builder by vcita Type Plugin Vulnerable versions = 4.10.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2301 Patch priority Low CVSS severity Low 6.1 Developer Claim ownership PSID 8de38a056831 Credits Jonas...

6.1CVSS5.7AI score0.00295EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2023/06/05 12:0 a.m.15 views

WordPress Contact Form Builder by vcita Plugin <= 4.10.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Builder by vcita Type Plugin Vulnerable versions = 4.10.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2300 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 3b4b71b799e4 Credits Jonas...

6.4CVSS5.6AI score0.0051EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2019/04/24 12:0 a.m.13 views

WordPress Contact Form Builder plugin <= 1.0.68 - Cross-Site Request Forgery (CSRF) leading to Local File Inclusion (LFI) vulnerability

Cross-Site Request Forgery CSRF leading to Local File Inclusion LFI vulnerability found by Panagiotis Vagenas in WordPress Contact Form Builder plugin versions = 1.0.68. Solution Update the WordPress Contact Form Builder plugin to the latest available version at least 1.0.69...

3AI score
Exploits0References1Affected Software1
Rows per page
Query Builder