58 matches found
CVE-2025-32213
CVE-2025-32213 (Flo Forms – Flo Forms plugin for WordPress) is a Missing Authorization vulnerability in Flo Forms
CVE-2025-32213 WordPress Flo Forms plugin <= 1.0.43 - Broken Access Control vulnerability
Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.43...
PT-2025-15946 · Flo Forms · Flo Forms
Name of the Vulnerable Software and Affected Versions: Flo Forms versions 1.0.43 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels. This enables unauthorized access control...
WordPress plugin Flo Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
WordPress Flo Forms plugin <= 1.0.43 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Flo Forms versions = 1.0.43...
CVE-2023-47692
Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.41...
CVE-2023-47692 WordPress Flo Forms plugin <= 1.0.41 - Broken Access Control vulnerability
Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.41...
CVE-2023-47692 WordPress Flo Forms plugin <= 1.0.41 - Broken Access Control vulnerability
Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.41...
WordPress plugin Flo Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2024-35174
Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42...
CVE-2024-35174 WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability
Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42...
CVE-2024-35174 WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability
Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42...
CVE-2024-35174
CVE-2024-35174 is a Missing Authorization vulnerability in the Flo Forms plugin for WordPress, affecting Flo Forms versions up to 1.0.42. The root cause, per sources, is broken access control that permits unauthorized access to Flo Forms data; exploitation details are not provided in the document...
PT-2024-26356 · Flothemes · Flo Forms
Name of the Vulnerable Software and Affected Versions: Flo Forms versions 1.0.42 and earlier Description: The issue is related to a Missing Authorization vulnerability in Flothemes Flo Forms. Recommendations: For versions 1.0.42 and earlier, update to a version later than 1.0.42 to resolve the...
WordPress plugin Flo Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
Flo Forms <= 1.0.42 - Missing Authorization
Description The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.0.42. This makes it possible for unauthenticated attackers to perform an unauthorized action...
WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Flo Forms versions = 1.0.42...
WordPress Flo Forms Plugin <= 1.0.42 is vulnerable to Broken Access Control
Software Flo Forms Type Plugin Vulnerable versions = 1.0.42 Fixed in 1.0.43 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35174 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5341640d4e58 Credits Dhabaleshwar Das Required privile...
Flo Forms <= 1.0.41 - Missing Authorization via flo_send_test_email
Description The Flo Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the flosendtestemail function in versions up to, and including, 1.0.41. This makes it possible for authenticated attackers, with subscriber-level access and above...
WordPress Flo Forms Plugin <= 1.0.41 is vulnerable to Broken Access Control
Software Flo Forms Type Plugin Vulnerable versions = 1.0.41 Fixed in 1.0.42 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47692 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 415778b368e8 Credits Abdi Pranata Required...