Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Easy Registration Forms Security Vulnerabilities

cve
cve

CVE-2020-22275

Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable.

8.8CVSS

8.6AI Score

0.005EPSS

2020-11-04 05:15 PM
18
cve
cve

CVE-2021-39353

The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the ajax_add_form function found in the ~/includes/class-form.php file which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 2...

8.8CVSS

8.6AI Score

0.001EPSS

2021-11-19 04:15 PM
17
cve
cve

CVE-2023-5134

The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with sub...

4.3CVSS

4.5AI Score

0.0004EPSS

2023-09-23 08:15 AM
20