Vulnerabilities > Crmperks

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2023-51536 Unspecified vulnerability in Crmperks CRM Perks Forms 1.1.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2.
network
low complexity
crmperks
4.8
2024-01-31 CVE-2024-1069 Unrestricted Upload of File with Dangerous Type vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2.
network
low complexity
crmperks CWE-434
7.2
2024-01-16 CVE-2022-3604 Improper Neutralization of Formula Elements in a CSV File vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection.
local
low complexity
crmperks CWE-1236
7.8
2023-12-29 CVE-2023-31095 Unspecified vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.8.
network
low complexity
crmperks
6.1
2023-12-19 CVE-2023-37982 Open Redirect vulnerability in Crmperks Integration for Salesforce and Contact Form 7, Wpforms, Elementor, Ninja Forms 1.3.3
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.3.3.
network
low complexity
crmperks CWE-601
6.1
2023-12-19 CVE-2023-38478 Unspecified vulnerability in Crmperks Integration for Woocommerce and Quickbooks 1.2.3
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and QuickBooks.This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.2.3.
network
low complexity
crmperks
6.1
2023-12-19 CVE-2023-38481 Open Redirect vulnerability in Crmperks Integration for Woocommerce and Zoho Crm, Books, Invoice, Inventory, Bigin
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin: from n/a before 1.3.7.
network
low complexity
crmperks CWE-601
6.1
2023-12-07 CVE-2023-47779 Unspecified vulnerability in Crmperks Integration for Constant Contact and Contact Form 7, Wpforms, Elementor, Ninja
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks.
network
low complexity
crmperks
6.1
2023-10-31 CVE-2023-31212 Unspecified vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0.
network
low complexity
crmperks
critical
9.8
2023-06-19 CVE-2023-2527 Cross-site Scripting vulnerability in Crmperks Integration for Contact Form 7 and Zoho Crm, Bigin 1.2.2
The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
network
low complexity
crmperks CWE-79
4.8