Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Vulnerability List - Page 14

Clear Filters
Found 1053 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2025-48333 WordPress eForm - WordPress Form Builder < 4.19.1 - Cross Site Scripting (XSS) Vulnerability WPQuarkeForm - WordPress Form Builder High 7.1 2025-06-17 15:01:43 Deep Dive
CVE-2025-24773 WordPress WPCRM - CRM for Contact form CF7 & WooCommerce plugin <= 3.2.0 - SQL Injection Vulnerability mojoomlaWPCRM - CRM for Contact form CF7 & WooCommerce Critical 9.3 2025-06-17 15:01:40 Deep Dive
CVE-2025-49330 WordPress Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.3.0 - PHP Object Injection Vulnerability CRM PerksIntegration for Contact Form 7 and Zoho CRM, Bigin Critical 9.8 2025-06-17 15:01:23 Deep Dive
CVE-2025-3515 Drag and Drop Multiple File Upload for Contact Form 7 <= 1.3.8.9 - Unauthenticated Arbitrary File Upload via Insufficient Blacklist Checks glenwpcoderDrag and Drop Multiple File Upload for Contact Form 7 High 8.1 2025-06-17 09:21:39 Deep Dive
CVE-2025-31045 WordPress elfsight Contact Form widget plugin <= 2.3.1 - Sensitive Data Exposure Vulnerability elfsightelfsight Contact Form widget High 7.5 2025-06-09 15:56:47 Deep Dive
CVE-2025-24772 WordPress Pay with Contact Form 7 plugin <= 1.0.4 - Cross Site Request Forgery (CSRF) Vulnerability cmsMindsPay with Contact Form 7 Medium 5.4 2025-06-06 12:54:39 Deep Dive
CVE-2025-28985 WordPress Elastic Email Subscribe Form plugin <= 1.2.2 - Broken Access Control Vulnerability Elastic EmailElastic Email Subscribe Form Medium 5.4 2025-06-06 12:54:31 Deep Dive
CVE-2025-30935 WordPress Contact Form plugin <= 2.0.12 - Cross Site Scripting (XSS) Vulnerability NickDuncanContact Form Medium 6.5 2025-06-06 12:54:17 Deep Dive
CVE-2025-49332 WordPress WP Time Slots Booking Form plugin <= 1.2.30 - Cross Site Request Forgery (CSRF) Vulnerability codepeopleWP Time Slots Booking Form Medium 4.3 2025-06-06 12:53:58 Deep Dive
CVE-2025-49291 WordPress Calculated Fields Form plugin <= 5.3.58 - Cross Site Request Forgery (CSRF) Vulnerability codepeopleCalculated Fields Form Medium 4.3 2025-06-06 12:53:45 Deep Dive
CVE-2025-5341 Forminator <= 1.44.1 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via id and data-size Parameters wpmudevForminator Forms – Contact Form, Payment Form & Custom Form Builder Medium 6.4 2025-06-05 11:15:06 Deep Dive
CVE-2025-5539 Simplify Contact Management: WP Easy Contact <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting emarket-designSimple Contact Form Plugin for WordPress – WP Easy Contact Medium 6.4 2025-06-04 04:22:42 Deep Dive
CVE-2025-4392 Shared Files <= 1.7.48 - Unauthenticated Stored Cross-Site Scripting via sanitize_file Function anssilaitilaShared Files – Frontend File Upload Form & Secure File Sharing High 7.2 2025-06-03 09:22:04 Deep Dive
CVE-2025-4659 Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.4 - Unauthenticated Full Path Disclosure crmperksIntegration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms Medium 5.3 2025-05-30 05:23:20 Deep Dive
CVE-2025-5055 Smart Forms <= 2.6.98 - Authenticated (Admin+) Stored Cross-Site Scripting edgarrojasSmart Forms – when you need more than just a contact form Medium 4.4 2025-05-24 02:23:04 Deep Dive
CVE-2025-31914 WordPress Pixel Form BuilderPlugin & Autoresponder plugin <= 1.0.2 - SQL Injection Vulnerability kamleshyadavPixel WordPress Form BuilderPlugin & Autoresponder Critical 9.3 2025-05-23 12:44:03 Deep Dive
CVE-2025-46437 WordPress Tayori Form plugin <= 1.2.9 - Reflected Cross Site Scripting (XSS) vulnerability tayoricomTayori Form High 7.1 2025-05-23 12:43:49 Deep Dive
CVE-2025-47690 WordPress Lead Form Data Collection to CRM plugin <= 3.1 - Arbitrary Option Update to Privilege Escalation vulnerability Smackcoders Inc.,Lead Form Data Collection to CRM High 8.8 2025-05-23 12:43:18 Deep Dive
CVE-2025-48245 WordPress Quick Contact Form plugin <= 8.2.1 - Reflected Cross Site Scripting (XSS) vulnerability Saad IqbalQuick Contact Form High 7.1 2025-05-23 12:43:17 Deep Dive
CVE-2025-3781 Raisely Donation Form <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via raisely_donation_form Shortcode creativefreedomauRaisely Donation Form Medium 6.4 2025-05-21 09:21:49 Deep Dive