CVEDB API

Vulnerabilities

Vulnerable Software

Crmperks: >> Crm Perks Forms >> 1.1.3 Security Vulnerabilities

CVE-2024-37463

Missing Authorization vulnerability in CRM Perks CRM Perks Forms allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CRM Perks Forms: from n/a through 1.1.5.

CVSS Score

5.3

EPSS Score

0.003

Published

2024-11-01

CVE-2024-7484

The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'handle_uploaded_files' function in versions up to, and including, 1.1.3. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVSS Score

7.2

EPSS Score

0.12

Published

2024-08-06

CVE-2024-30446

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms allows Stored XSS.This issue affects CRM Perks Forms: from n/a through 1.1.4.

CVSS Score

6.5

EPSS Score

0.002

Published

2024-03-29

CVE-2024-30498

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4.

CVSS Score

9.3

EPSS Score

0.003

Published

2024-03-29

CVE-2024-30499

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4.

CVSS Score

8.5

EPSS Score

0.004

Published

2024-03-29

Page 1

Vulnerabilities

Vulnerable Software

Crmperks: >> Crm Perks Forms >> 1.1.3 Security Vulnerabilities

Products

Pricing

Contact Us