WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.5 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms versions = 1.1.5...

CVE-2026-24985

Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...

CVE-2026-24985

Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...

PT-2026-6233

Name of the Vulnerable Software and Affected Versions approveme WP Forms Signature Contract Add-On versions through 1.8.2 Description The WP Forms Signature Contract Add-On contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access...

CVE-2025-67468

CVE-2025-67468 affects WordPress: the WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin (cf7-salesforce) with versions up to and including 1.4.6. The issue is a Missing Authorization / Broken Access Control vulnerability allowing exploitat...

EUVD-2023-52343

Malicious code in bioql PyPI...

EUVD-2023-52345

Malicious code in bioql PyPI...

EUVD-2023-49319

Malicious code in bioql PyPI...

CVE-2023-44997

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin = 4.1 versions...

CVE-2023-48278

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

CVE-2023-48276

Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Functionality Bypass.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

WordPress plugin CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVE-2023-23825 WordPress Spectra – WordPress Gutenberg Blocks plugin <= 2.3.0 - Broken Access Control + CSRF on Import_WPforms vulnerability

Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0...

CVE-2023-48276

Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Functionality Bypass.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

CVE-2023-48278

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

CVE-2023-48278

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Stored XSS.This issue affects WP Forms Puzzle Captcha: from n/a through 4.1...

CVE-2023-48278

CVE-2023-48278 affects the WP Forms Puzzle Captcha WordPress plugin (versions 4.1 when available; if not yet patched, consider disabling the plugin until a patch is released.

WP Forms Puzzle Captcha <= 4.1 - Cross-Site Request Forgery to Cross-Site Scripting

Description The WP Forms Puzzle Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.1. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to invoke this functio...

WordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Forms Puzzle Captcha Type Plugin Vulnerable versions = 4.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-48278 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID fe5374d7289c Credits qilin99 Require...