Vulnerabilities > ARI Soft

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-24884 Unspecified vulnerability in Ari-Soft Contact Form 7 Connector
Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2.
network
low complexity
ari-soft
8.8
2024-01-16 CVE-2024-0239 Cross-site Scripting vulnerability in Ari-Soft Contact Form 7 Connector
The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administrators.
network
low complexity
ari-soft CWE-79
6.1
2023-12-31 CVE-2023-52182 Deserialization of Untrusted Data vulnerability in Ari-Soft ARI Stream Quiz
Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0.
network
low complexity
ari-soft CWE-502
8.8
2023-11-23 CVE-2023-47835 Unspecified vulnerability in Ari-Soft ARI Stream Quiz
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions.
network
low complexity
ari-soft
5.4
2022-03-14 CVE-2022-0161 Unspecified vulnerability in Ari-Soft ARI Fancy Lightbox
The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
network
low complexity
ari-soft
6.1
2021-09-15 CVE-2020-19156 Cross-site Scripting vulnerability in Ari-Soft ARI Adminer 1.0
Cross Site Scripting (XSS) in Ari Adminer v1 allows remote attackers to execute arbitrary code via the 'Title' parameter of the 'Add New Connections' component when the 'save()' function is called.
network
low complexity
ari-soft CWE-79
5.4