Known Vulnerabilities for products from Incsub
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Incsub".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-43118 json | Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This... | Not Provided | 2024-11-01 | 2026-04-23 |
| CVE-2024-32792 json | Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.This... | Not Provided | 2024-06-09 | 2026-04-23 |
| CVE-2024-29777 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV - Your All-in-... | Not Provided | 2024-03-27 | 2026-04-23 |
| CVE-2024-3053 json | The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site S... | Not Provided | 2024-04-09 | 2026-04-08 |
| CVE-2024-1794 json | The Forminator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an uploaded file (e.g. 3gpp file) in all... | Not Provided | 2024-04-09 | 2026-04-08 |
| CVE-2023-6133 json | The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient blacklisting on the 'forminat... | Not Provided | 2023-11-15 | 2026-04-08 |
| CVE-2023-5119 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | Not Provided | 2023-11-20 | 2023-11-20 |
| CVE-2023-4596 json | The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a fil... | Not Provided | 2023-08-30 | 2026-04-08 |
| CVE-2023-3134 json | The Forminator WordPress plugin before 1.24.4 does not properly escape values that are being reflected inside form fields tha... | 6.1 - MEDIUM | 2023-07-31 | 2023-11-07 |
| CVE-2023-2010 json | The Forminator WordPress plugin before 1.24.1 does not use an atomic operation to check whether a user has already voted, and... | 3.1 - LOW | 2023-07-04 | 2023-11-07 |
| CVE-2023-1478 json | The Hummingbird WordPress plugin before 3.4.2 does not validate the generated file path for page cache files before writing t... | 9.8 - CRITICAL | 2023-04-10 | 2023-11-07 |
| CVE-2022-0994 json | The Hummingbird WordPress plugin before 3.3.2 does not sanitise and escape the Config Name, which could allow high privilege ... | 4.8 - MEDIUM | 2022-04-18 | 2022-04-27 |
| CVE-2021-36821 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2023-03-16 | 2023-11-07 |
| CVE-2021-24700 json | The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high priv... | 4.8 - MEDIUM | 2021-11-23 | 2021-11-24 |
| CVE-2021-4417 json | The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request ... | Not Provided | 2023-07-12 | 2026-04-08 |
| CVE-2021-4342 json | ** REJECT ** CVE split into individual CVE IDs for each software record. | Not Provided | 2023-06-07 | 2023-11-07 |
| CVE-2019-11872 json | The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnerable to CSV Injection as it allows for injecting malicio... | 8.8 - HIGH | 2019-05-29 | 2023-02-24 |
| CVE-2019-9568 json | The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has SQL Injection via the wp-admin/admin.p... | 6.5 - MEDIUM | 2019-03-04 | 2023-05-18 |
| CVE-2019-9567 json | The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has XSS via a custom input field of a poll... | 6.1 - MEDIUM | 2019-03-04 | 2023-05-18 |
| CVE-2018-18576 json | The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing ... | 5.3 - MEDIUM | 2020-03-17 | 2020-03-19 |
Known software with vulnerabilities from Incsub
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Incsub | Buddypress-activity-plus | - |
| Application | Incsub | Forminator | 1.0 |
| Application | Incsub | Hustle | 3.0 |