The Smart Forms WordPress plugin before 2.6.94 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk.
Vendor | Product | Version | CPE |
---|---|---|---|
rednao | smart_forms | * | cpe:2.3:a:rednao:smart_forms:*:*:*:*:*:*:*:* |