cleantalk
Vulnerabilities and Security Researches

WP Gravity Forms Insightly, 78da7e4ebf17bf04d89df5a7a7492deb53506a60

CVE, Research URL

78da7e4ebf17bf04d89df5a7a7492deb53506a60

Home page URL

Security reports for WP Gravity Forms Insightly

Application

WP Gravity Forms Insightly

Published on
Aug 26, 2021
Research Description
WP Gravity Forms Insightly [gf-insightly] < 1.0.7 CRM Perks - Various Plugins (Various Versions) - Reflected Cross-Site Scripting Multiple CRM Perks plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the 'vx_debug' parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Affected versions
max 1.0.7.
Status
vulnerable
Previous vulnerability researches
Payment Gateway for PayFabric (8bbbf1c0e1c721fb1f89da1df32fc1e12d96430d) , Jun 07, 2024
Payment Gateway for PayFabric (CVE-2023-33999) , Jun 13, 2026
Payment Gateway for PayFabric (7561f277f93e22b75aabd0195a11a27ce8a0b791) , Jun 16, 2026
Payment Gateway for PayFabric (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026