Skip to main content

Tripetto

3 CVEs product

Monthly

CVE-2025-1530 MEDIUM PATCH This Month

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Tripetto PHP
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-13497 HIGH PATCH This Week

The WordPress form builder plugin for contact forms, surveys and quizzes - Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via attachment uploads in all versions up to, and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress XSS Tripetto
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2024-10260 HIGH This Week

The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 8.0.11 due to insufficient input sanitization and output. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Tripetto
NVD
CVSS 3.1
7.2
EPSS
0.8%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

WordPress CSRF Tripetto +1
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

The WordPress form builder plugin for contact forms, surveys and quizzes - Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via attachment uploads in all versions up to, and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

WordPress XSS Tripetto
NVD
EPSS 1% CVSS 7.2
HIGH This Week

The Tripetto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 8.0.11 due to insufficient input sanitization and output. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS WordPress Tripetto
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy