421 matches found
WordPress Contact Form by WPForms plugin <= 1.10.0.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Cyrille COQUARD in WordPress Plugin Contact Form by WPForms versions = 1.10.0.4...
EUVD-2026-29451
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through = 3.4.6...
CVE-2026-42742
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through = 3.4.6...
CVE-2026-42742 WordPress Views for WPForms plugin <= 3.4.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through = 3.4.6...
CVE-2026-42742 WordPress Views for WPForms plugin <= 3.4.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through = 3.4.6...
CVE-2026-42742
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through = 3.4.6...
PT-2026-40009
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through = 3.4.6...
WordPress plugin Views for WPForms SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-40764
Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...
WordPress Ultra Addons for WPForms plugin <= 1.0.11 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by CidKagenouSama in WordPress Plugin Ultra Addons for WPForms versions = 1.0.11...
CVE-2026-40764
Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...
CVE-2026-40764 WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...
CVE-2026-40764
A CSRF vulnerability in the WordPress plugin Contact Form by WPForms (package wpforms-lite ) affects versions ≤ 1.10.0.2. The issue is described as a Cross-Site Request Forgery vulnerability that allows unauthorized actions to be performed in the context of an authenticated user. The connected do...
CVE-2026-40764 WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...
CVE-2026-40764
Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...
PT-2026-33049
Name of the Vulnerable Software and Affected Versions Contact Form by WPForms versions prior to 1.10.0.3 Description Cross-Site Request Forgery CSRF is a flaw that allows an attacker to induce a user to perform actions they did not intend to do. Recommendations Update to a version newer than...
WordPress plugin Contact Form by WPForms 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-3831 Database for Contact Form 7, WPforms, Elementor forms <= 1.4.9 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Shortcode
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the entriesshortcode function in all versions up to, and including, 1.4.9. This makes it possible for authenticated attackers, with...
WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by vladimir tokarev in WordPress Plugin Contact Form by WPForms versions = 1.10.0.2...
CVE-2026-25430
Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integration for Mailchimp and Contact Form 7, WPForms, Elementor,...