Vulnerabilidades em crmperks
15 resultadosCVE-2025-7384CRITICALDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.3 - Unauthenticated PHP Object Injection to Arbitrary File DeletionEPSS 1.6%CVE-2024-1069HIGHContact Form Entries <= 1.3.2 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.2%CVE-2025-7697CRITICALIntegration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.1.1 - Unauthenticated PHP Object Injection via verify_field_val FunctionEPSS 1.1%CVE-2025-7696CRITICALIntegration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms <= 1.2.3 - Unauthenticated PHP Object Injection via verify_field_val FunctionEPSS 1.0%CVE-2024-7484HIGHCRM Perks Forms <= 1.1.3 - Authenticated (Administrator+) Arbitrary File UploadEPSS 0.9%CVE-2026-9843HIGHDatabase for Contact Form 7, WPforms, Elementor forms <= 1.5.1 - Unauthenticated Arbitrary File Deletion via CF7 File Field POST ValueEPSS 0.7%CVE-2024-3715HIGHDatabase for Contact Form 7, WPforms, Elementor forms <= 1.3.8 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.6%CVE-2023-2836MEDIUMCRM Perks Forms <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site ScriptingEPSS 0.6%CVE-2024-2030MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.3.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcodeEPSS 0.6%CVE-2026-2599CRITICALDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.7 - Unauthenticated PHP Object Injection via 'download_csv'EPSS 0.5%CVE-2026-0825MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.5 - Missing Authorization to Unauthenticated Form Data Exfiltration via CSV ExportEPSS 0.4%CVE-2024-12443MEDIUMCRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-4659MEDIUMIntegration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.4 - Unauthenticated Full Path DisclosureEPSS 0.3%CVE-2026-2568HIGHWP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms <= 1.1.5 - Unauthenticated Stored Cross-Site ScriptingEPSS 0.2%CVE-2026-3831MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.4.9 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via ShortcodeEPSS 0.2%