EUVD-2023-27898

Malicious code in bioql PyPI...

EUVD-2024-22292

Malicious code in bioql PyPI...

CVE-2024-24929

Cross-Site Request Forgery CSRF vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6...

CVE-2022-3237

The WP Contact Slider WordPress plugin before 2.4.8 does not sanitize and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2025-26560

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KKWangen WP Contact Form III wp-contact-form-iii allows Reflected XSS.This issue affects WP Contact Form III: from n/a through = 1.6.2d...

CVE-2025-26560

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KKWangen WP Contact Form III wp-contact-form-iii allows Reflected XSS.This issue affects WP Contact Form III: from n/a through = 1.6.2d...

CVE-2025-26560

CVE-2025-26560 describes a Reflected XSS in the WordPress plugin WP Contact Form III (notFound WP Contact Form III) affecting versions up to 1.6.2d. The root cause is improper input neutralization during web page generation. The connected Red Hat/Reddit Wordfence entries corroborate the vulnerabi...

CVE-2024-13467

The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-13467

The CVE-2024-13467 entry concerns the WordPress plugin WP Contact Form7 Email Spam Blocker. A Reflected Cross-Site Scripting vulnerability exists in the post parameter for all versions up to and including 1.0.0, caused by insufficient input sanitization and output escaping. This allows unauthenti...

CVE-2024-13467 WP Contact Form7 Email Spam Blocker <= 1.0.0 - Reflected Cross-Site Scripting

The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-13467 WP Contact Form7 Email Spam Blocker <= 1.0.0 - Reflected Cross-Site Scripting

The WP Contact Form7 Email Spam Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'post' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...

CVE-2024-24929

Cross-Site Request Forgery CSRF vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6...

CVE-2024-24929

CVE-2024-24929 is a CSRF vulnerability affecting the WordPress WP Contact Form plugin (versions

WordPress WP Contact Form Plugin <= 1.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Contact Form Type Plugin Vulnerable versions = 1.6 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-24929 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5dc45c0e70d7 Credits Skalucy Required...

CVE-2023-23812

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joost de Valk Enhanced WP Contact Form plugin = 2.2.3 versions...

CVE-2023-23812

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joost de Valk Enhanced WP Contact Form plugin = 2.2.3 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joost de Valk Enhanced WP Contact Form plugin = 2.2.3 versions...

CVE-2023-23812

CVE-2023-23812 concerns the Enhanced WP Contact Form plugin for WordPress. Public sources describe an auth Admin+ Stored XSS in versions

WordPress plugin Enhanced WP Contact Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...