| CVE/PSC | Application | Date | Affected versions | Description |
|---|---|---|---|---|
| Actual on: Jul 02, 2025, 04:07:53 | Entries count: 2 | |||
|
vulnerable
|
Apr 02, 2025, 14:04:44 |
Min -
Max 1.2.8.11
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in crosstec Breezing Forms allows Reflected XSS. This issue affects Breezing Forms: from n/a through 1.2.8.11. | |
|
vulnerable
|
Jun 06, 2024, 23:06:14 |
Min -
Max 1.2.7.31
|
Breezing Forms [breezing-forms] < 1.2.7.31 Breezing Forms <= 1.2.7.30 - SQL Injection The Breezing Forms plugin for WordPress is vulnerable to generic SQL Injection via the ‘page’ parameter in versions up to, and including, 1.2.7.30 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to append additional SQL queries into already existing ... | |