Lucene search
K
AdvancedformintegrationAdvanced Form Integration

6 matches found

CVE
CVE
added 2024/11/13 6:47 a.m.82 views

CVE-2024-10877

AFI – The Easiest Integration Plugin for WordPress is vulnerable to a Reflected Cross‑Site Scripting due to using the functions add_query_arg/remove_query_arg without proper escaping in the URL, affecting all versions up to and including 1.92.0. This enables unauthenticated attackers to inject ar...

6.1CVSS6AI score0.0056EPSS
CVE
CVE
added 2024/08/26 8:33 p.m.65 views

CVE-2024-43340

CVE-2024-43340 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Nasirahmed Advanced Form Integration (AFI) WordPress plugin. The entry covers AFI versions from 1.0 through 1.89.4 and indicates a CSRF weakness but does not specify the exact root cause or affected actions beyond t...

4.3CVSS7AI score0.00172EPSS
CVE
CVE
added 2023/12/28 11:25 a.m.64 views

CVE-2023-50853

CVE-2023-50853 is an authenticated SQL injection affecting the WordPress plugin Advanced Form Integration (Connect WooCommerce and Contact Form 7 to Google Sheets and other platforms). Affected versions are up to 1.75.0. Root cause: improper neutralization of input elements used in SQL commands. ...

7.6CVSS7.8AI score0.00546EPSS
CVE
CVE
added 2025/03/25 6:0 a.m.61 views

CVE-2024-13123

The AFI WordPress plugin (versions prior to 1.100.0) is affected. Affected component: plugin settings sanitisation/escaping path in AFI before 1.100.0. Root cause: certain settings are not properly sanitised and escaped, enabling Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e...

3.5CVSS5.8AI score0.00246EPSS
CVE
CVE
added 2025/03/25 6:0 a.m.59 views

CVE-2024-13122

The CVE-2024-13122 entry describes an issue in the AFI WordPress plugin prior to version 1.100.0 where some settings are not properly sanitised/escaped. This enables stored Cross-Site Scripting by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (including multisite con...

3.5CVSS5.8AI score0.00246EPSS
CVE
CVE
added 2023/03/23 3:57 p.m.46 views

CVE-2022-47173

CVE-2022-47173 affects the WordPress plugin “Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration” (

5.9CVSS4.9AI score0.00392EPSS