Vulnerabilities > Reputeinfosystems
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-21 | CVE-2022-0739 | Unspecified vulnerability in Reputeinfosystems Bookingpress The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection | 9.8 |
| 2021-12-06 | CVE-2021-24718 | Unspecified vulnerability in Reputeinfosystems Contact Form, Survey & Popup Form Plugin for Wordpress - Arforms Form Builder The Contact Form, Survey & Popup Form Plugin for WordPress plugin before 1.5 does not properly sanitize some of its settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed | 4.8 |
| 2019-09-27 | CVE-2019-16902 | Path Traversal vulnerability in Reputeinfosystems Arforms 3.7.1 In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformcontroller.php allows unauthenticated deletion of an arbitrary file by supplying the full pathname. | 7.5 |
| 2019-08-08 | CVE-2019-14679 | Cross-Site Request Forgery (CSRF) vulnerability in Reputeinfosystems Arprice Lite 2.2 core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 for WordPress allows wp-admin/admin.php?page=arplite_import_export CSRF. | 6.5 |
| 2019-03-21 | CVE-2018-15818 | Improper Input Validation vulnerability in Reputeinfosystems Repute Arforms 3.5.1 An issue was discovered in Repute ARForms 3.5.1 and prior. | 7.5 |