VYPR

Amocrm

by Amocrm

CVEs (3)

  • CVE-2025-28870MedMar 11, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in amocrm amoCRM WebForm amocrm-webform allows DOM-Based XSS.This issue affects amoCRM WebForm: from n/a through <= 1.1.

  • CVE-2025-9628MedSep 11, 2025
    risk 0.28cvss 4.3epss 0.00

    The The integration of the AMO.CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the settings_page function. This makes it possible for unauthenticated…

  • CVE-2015-7304Sep 21, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the amoCRM module 7.x-1.x before 7.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified HTTP POST data.