4 matches found
CVE-2025-10489
The SureForms – Drag and Drop Contact Form Builder – Multi-step Forms, Conversational Forms and more plugin for WordPress is vulnerable to unauthorized creation of forms due to a missing capability check on the registerposttypes function in all versions up to, and including, 1.12.0. This makes it...
CVE-2025-10489
creationtimestamp| type| source ---|---|--- 2025-09-20 11:11:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lzbamuoa7o2i...
CVE-2025-10489
The SureForms – Drag and Drop Contact Form Builder – Multi-step Forms, Conversational Forms and more plugin for WordPress is vulnerable to unauthorized creation of forms due to a missing capability check on the registerposttypes function in all versions up to, and including, 1.12.0. This makes it...
WordPress SureForms – Drag and Drop Form Builder for WordPress plugin <= 1.12.0 - Missing Authorization to Authenticated (Contributor+) Form Creation vulnerability
Missing Authorization to Authenticated Contributor+ Form Creation vulnerability discovered by Alex in WordPress Plugin SureForms versions = 1.12.0...