cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7484,https://securityvulnerability.io/vulnerability/CVE-2024-7484,Arbitrary File Upload Vulnerability Affects CRM Perks Forms Plugin,"The CRM Perks Forms plugin for WordPress has a vulnerability that allows authenticated users with administrator-level privileges to perform arbitrary file uploads. This vulnerability arises from inadequate validation of files in the 'handle_uploaded_files' function, present in versions up to and including 1.1.3. Successful exploitation of this vulnerability may enable attackers to upload malicious files to the server, creating potential pathways for remote code execution and other harmful actions. Proper validation mechanisms are essential to prevent unauthorized file access and maintain the security integrity of WordPress sites.",Wordpress,Crm Perks Forms – WordPress Form Builder,7.2,HIGH,0.0005600000149570405,false,,false,false,false,,false,false,2024-08-06T01:49:56.901Z,0
CVE-2023-51536,https://securityvulnerability.io/vulnerability/CVE-2023-51536,WordPress CRM Perks Forms Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS),"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2.

",Wordpress,Crm Perks Forms – WordPress Form Builder,5.9,MEDIUM,0.0004799999878741801,false,,false,false,false,,false,false,2024-02-01T10:25:53.730Z,0
CVE-2023-2836,https://securityvulnerability.io/vulnerability/CVE-2023-2836,Stored Cross-Site Scripting Vulnerability in CRM Perks Forms Plugin for WordPress,"The CRM Perks Forms plugin for WordPress contains a vulnerability that allows authenticated attackers with administrator-level permissions to exploit insufficient input sanitization and output escaping in form settings. This risk is particularly relevant for multi-site installations and those with unfiltered_html disabled, where attackers can inject malicious web scripts into pages. These scripts execute when users access the compromised pages, potentially leading to unauthorized actions and data exposure.",Wordpress,CRM Perks Forms – WordPress Form Builder,4.8,MEDIUM,0.0008900000248104334,false,,false,false,false,,false,false,2023-05-31T04:15:00.000Z,0
CVE-2022-38467,https://securityvulnerability.io/vulnerability/CVE-2022-38467,WordPress CRM Perks Forms Plugin <= 1.1.0 is vulnerable to Reflected Cross Site Scripting (XSS) vulnerability,Reflected Cross-Site Scripting (XSS) vulnerability in CRM Perks Forms – WordPress Form Builder <= 1.1.0 ver.,Wordpress,Crm Perks Forms – WordPress Form Builder,6.1,MEDIUM,0.0008399999933317304,false,,false,false,false,,false,false,2023-01-14T10:14:12.393Z,0