Known Vulnerabilities for products from Incsub

Listed below are 19 of the newest known vulnerabilities associated with the vendor "Incsub".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2024-43118 Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This... Not Provided 2024-11-01 2026-04-01
CVE-2024-32792 Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This... Not Provided 2024-06-09 2026-04-01
CVE-2024-29777 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV - Your All-in-... Not Provided 2024-03-27 2026-04-01
CVE-2023-6133 4.9 - MEDIUM 2023-11-15 2023-11-30
CVE-2023-5119 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... Not Provided 2023-11-20 2023-11-20
CVE-2023-4596 The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a fil... 9.8 - CRITICAL 2023-08-30 2023-11-07
CVE-2023-3134 The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields tha... 6.1 - MEDIUM 2023-07-31 2023-11-07
CVE-2023-2010 The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and... 3.1 - LOW 2023-07-04 2023-11-07
CVE-2023-1478 The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing t... 9.8 - CRITICAL 2023-04-10 2023-11-07
CVE-2022-0994 The Hummingbird WordPress plugin before 3.3.2 does not sanitise and escape the Config Name, which could allow high privilege ... 4.8 - MEDIUM 2022-04-18 2022-04-27
CVE-2021-36821 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 6.1 - MEDIUM 2023-03-16 2023-11-07
CVE-2021-24700 The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high priv... 4.8 - MEDIUM 2021-11-23 2021-11-24
CVE-2021-4417 The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request ... 4.3 - MEDIUM 2023-07-12 2023-11-07
CVE-2021-4342 ** REJECT ** CVE split into individual CVE IDs for each software record. Not Provided 2023-06-07 2023-11-07
CVE-2019-11872 The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it allows for injecting malicio... 8.8 - HIGH 2019-05-29 2023-02-24
CVE-2019-9568 The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has SQL Injection via the wp-admin/admin.p... 6.5 - MEDIUM 2019-03-04 2023-05-18
CVE-2019-9567 The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has XSS via a custom input field of a poll... 6.1 - MEDIUM 2019-03-04 2023-05-18
CVE-2018-18576 The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing ... 5.3 - MEDIUM 2020-03-17 2020-03-19
CVE-2015-9455 The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/a... 8.1 - HIGH 2019-10-07 2019-10-10

Known software with vulnerabilities from Incsub

Type Vendor Product Version
ApplicationIncsubBuddypress-activity-plus-
ApplicationIncsubForminator1.0
ApplicationIncsubHustle3.0