Lucene search

[email protected]NVD:CVE-2024-22305

HistoryJan 31, 2024 - 12:16 p.m.

CVE-2024-22305

2024-01-3112:16:05

CWE-639

[email protected]

web.nvd.nist.gov

authorization bypass

user-controlled key

contact form builder

wordpress

kali forms

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36.

Affected configurations

NVD

Node

kaliformskali_formsRange<2.3.37wordpress

References

patchstack.com/database/vulnerability/kali-forms/wordpress-kali-forms-plugin-2-3-38-insecure-direct-object-references-idor-vulnerability?_s_id=cve

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.6%

JSON

Related for NVD:CVE-2024-22305

cve1 cvelist1 prion1 wpvulndb1 wordfence1