Vulnerabilities > Crmperks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-01 | CVE-2023-51536 | Cross-site Scripting vulnerability in Crmperks CRM Perks Forms 1.1.1 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2. | 4.8 |
| 2024-01-31 | CVE-2024-1069 | Unrestricted Upload of File with Dangerous Type vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. | 7.2 |
| 2024-01-16 | CVE-2022-3604 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection. | 7.8 |
| 2023-12-29 | CVE-2023-31095 | Open Redirect vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.8. | 6.1 |
| 2023-12-19 | CVE-2023-37982 | Open Redirect vulnerability in Crmperks Integration for Salesforce and Contact Form 7, Wpforms, Elementor, Ninja Forms 1.3.3 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Salesforce and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.3.3. | 6.1 |
| 2023-12-19 | CVE-2023-38478 | Open Redirect vulnerability in Crmperks Integration for Woocommerce and Quickbooks 1.2.3 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and QuickBooks.This issue affects Integration for WooCommerce and QuickBooks: from n/a through 1.2.3. | 6.1 |
| 2023-12-19 | CVE-2023-38481 | Open Redirect vulnerability in Crmperks Integration for Woocommerce and Zoho Crm, Books, Invoice, Inventory, Bigin URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin.This issue affects Integration for WooCommerce and Zoho CRM, Books, Invoice, Inventory, Bigin: from n/a before 1.3.7. | 6.1 |
| 2023-12-07 | CVE-2023-47779 | Open Redirect vulnerability in Crmperks Integration for Constant Contact and Contact Form 7, Wpforms, Elementor, Ninja URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks. | 6.1 |
| 2023-10-31 | CVE-2023-31212 | SQL Injection vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0. | 9.8 |
| 2023-06-19 | CVE-2023-2527 | Cross-site Scripting vulnerability in Crmperks Integration for Contact Form 7 and Zoho Crm, Bigin 1.2.2 The Integration for Contact Form 7 and Zoho CRM, Bigin WordPress plugin before 1.2.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin | 4.8 |