Lucene search
China National Vulnerability DatabaseCNVD-2022-19793HistoryMar 09, 2022 - 12:00 a.m.
WordPress Smart Forms Plugin Information Disclosure Vulnerability
2022-03-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
wordpress
smart forms plugin
information disclosure
vulnerability
version 2.6.71
unauthorized access
form data
php
mysql
EPSS
0.001
Percentile
32.8%
WordPress is the Wordpress Foundation’s set of blogging platforms developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers.WordPress Smart Forms Plugin version 2.6.71 before the information leakage vulnerability, the vulnerability stems from the plugin in its rednao_Smart_Forms_entries_list AJAX operation is not authorized, an attacker can exploit the vulnerability to download arbitrary form data.
Related
cvelist
cvelist
CVE-2022-0163 Smart Forms < 2.6.71 - Subscriber+ Form Data Download
2022-03-07 08:16:22
wpvulndb
wpvulndb
Smart Forms < 2.6.71 - Subscriber+ Form Data Download
2022-02-14 00:00:00
cve
cve
CVE-2022-0163
2022-03-07 09:15:08
nvd
nvd
CVE-2022-0163
2022-03-07 09:15:08
prion
prion
Information disclosure
2022-03-07 09:15:00
wpexploit
wpexploit
Smart Forms < 2.6.71 - Subscriber+ Form Data Download
2022-02-14 00:00:00