50 matches found
WordPress Zigaform plugin <= 7.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Zigaform versions = 7.4.7...
WordPress Zigaform plugin <= 7.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Zigaform – Price Calculator & Cost Estimation Form Builder Lite versions = 7.4.7...
CVE-2025-13696
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. Th...
CVE-2025-13696
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. Th...
EUVD-2025-200214
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. Th...
CVE-2025-13696 Zigaform <= 7.6.5 - Unauthenticated Form Submission Data Disclosure in rocket_front_payment_seesummary AJAX Endpoint
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. Th...
CVE-2025-13696 Zigaform <= 7.6.5 - Unauthenticated Form Submission Data Disclosure in rocket_front_payment_seesummary AJAX Endpoint
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. Th...
CVE-2025-13696
The CVE-2025-13696 case concerns the Zigaform WordPress plugin (
WordPress plugin Zigaform 信息泄露漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An information...
PT-2025-48651
The Zigaform plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.6.5. This is due to the plugin exposing a public AJAX endpoint that retrieves form submission data without performing authorization checks to verify ownership or access rights. Th...
WordPress Zigaform plugin <= 7.6.5 - Unauthenticated Form Submission Data Disclosure in rocket_front_payment_seesummary AJAX Endpoint vulnerability
Unauthenticated Form Submission Data Disclosure in rocketfrontpaymentseesummary AJAX Endpoint vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Zigaform – Price Calculator & Cost Estimation Form Builder Lite versions = 7.6.5...
EUVD-2025-5623
Malicious code in bioql PyPI...
EUVD-2025-5619
Malicious code in bioql PyPI...
EUVD-2025-4516
Malicious code in bioql PyPI...
EUVD-2025-4301
Malicious code in bioql PyPI...
CVE-2025-26994
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softdiscover Zigaform – Price Calculator & Cost Estimation Form Builder Lite zigaform-calculator-cost-estimation-form-builder-lite allows Stored XSS.This issue affects Zigaform – Price Calculator &...
CVE-2025-26989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softdiscover Zigaform zigaform-form-builder-lite allows Stored XSS.This issue affects Zigaform: from n/a through = 7.4.2...
CVE-2025-26989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softdiscover Zigaform zigaform-form-builder-lite allows Stored XSS.This issue affects Zigaform: from n/a through = 7.4.2...
CVE-2025-26989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softdiscover Zigaform – Form Builder Lite allows Stored XSS. This issue affects Zigaform – Form Builder Lite: from n/a through 7.4.2...
CVE-2025-26994
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in softdiscover Zigaform – Price Calculator & Cost Estimation Form Builder Lite zigaform-calculator-cost-estimation-form-builder-lite allows Stored XSS.This issue affects Zigaform – Price Calculator &...