Lucene search
CVE-2024-2782
Fluent Forms contact form plugin for WordPress allows unauthorized data modification via /wp-json/fluentform/v1/global-settings REST API endpoint up to v5.1.16
Show more
| Reporter | Title | Published | Views | Family All 6 |
|---|---|---|---|---|
 | Contact Form Plugin by Fluent Forms < 5.1.17 - Unauthenticated Settings Update | 21 May 202400:00 | – | wpvulndb |
 | CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation | 18 May 202407:38 | – | vulnrichment |
 | WordPress FluentForm Plugin <= 5.1.16 is vulnerable to Broken Access Control | 20 May 202400:00 | – | patchstack |
 | CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation | 18 May 202407:38 | – | cvelist |
 | CVE-2024-2782 | 18 May 202408:15 | – | nvd |
 | Wordfence Intelligence Weekly WordPress Vulnerability Report (May 13, 2024 to May 19, 2024) | 23 May 202415:00 | – | wordfence |
Node
[
{
"vendor": "techjewel",
"product": "Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "5.1.16",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo18 May 2024 08:15Current
6.5Medium risk
Vulners AI Score6.5
CVSS37.5
EPSS0.00043
SSVC