Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5
CVE-2025-24672
- EPSS 0.09%
- Veröffentlicht 24.01.2025 18:15:40
- Zuletzt bearbeitet 24.01.2025 18:15:40
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CodePeople Form Builder CP allows SQL Injection. This issue affects Form Builder CP: from n/a through 1.2.41.
6.5
CVE-2024-13680
- EPSS 0.14%
- Veröffentlicht 24.01.2025 07:15:06
- Zuletzt bearbeitet 05.02.2025 17:37:37
The Form Builder CP plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'CP_EASY_FORM_WILL_APPEAR_HERE' shortcode in all versions up to, and including, 1.2.41 due to insufficient escaping on the user supplied parameter a...
4.8
CVE-2022-2567
- EPSS 0.23%
- Veröffentlicht 19.09.2022 14:15:10
- Zuletzt bearbeitet 21.11.2024 07:01:15
The Form Builder CP WordPress plugin before 1.2.32 does not sanitise and escape some of its form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is...
1