Vulnerabilities > Rocketgenius

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-20	CVE-2020-27852	Cross-site Scripting vulnerability in Rocketgenius Gravityforms A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. network rocketgenius CWE-79	3.5
2021-01-20	CVE-2020-27851	Cross-site Scripting vulnerability in Rocketgenius Gravityforms Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. network rocketgenius CWE-79	3.5
2021-01-20	CVE-2020-27850	Cross-site Scripting vulnerability in Rocketgenius Gravityforms A stored Cross-Site Scripting (XSS) vulnerability in forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. network rocketgenius CWE-79	3.5
2020-06-02	CVE-2020-13764	Information Exposure vulnerability in Rocketgenius Gravityforms common.php in the Gravity Forms plugin before 2.4.9 for WordPress can leak hashed passwords because user_pass is not considered a special case for a $current_user->get($property) call. network low complexity rocketgenius CWE-200	5.0

Vulnerabilities > Rocketgenius {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Rocketgenius"}]}