Lucene search
+L

273 matches found

OSV
OSV
added 2024/05/18 8:15 a.m.15 views

CVE-2024-2772

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in all versions up to, and including, 5.1.13 due to insufficient input sanitization and output escaping. This makes it...

5.4CVSS5.9AI score0.00257EPSS
Exploits0References2
OSV
OSV
added 2024/05/18 8:15 a.m.6 views

CVE-2024-2771

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...

9.8CVSS5.8AI score0.02333EPSS
Exploits1References2
NVD
NVD
added 2024/05/18 8:15 a.m.39 views

CVE-2024-2771

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...

9.8CVSS6.9AI score0.02333EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/18 7:38 a.m.46 views

CVE-2024-4709 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input sanitization and output escaping. This makes i...

6.4CVSS6.3AI score0.00387EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/18 7:38 a.m.42 views

CVE-2024-2772 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.13 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in all versions up to, and including, 5.1.13 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS6.9AI score0.00257EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/18 7:38 a.m.45 views

CVE-2024-2772 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.13 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in all versions up to, and including, 5.1.13 due to insufficient input sanitization and output escaping. This makes it...

6.4CVSS6.5AI score0.00257EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/18 7:38 a.m.39 views

CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...

7.5CVSS7.5AI score0.0123EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/18 7:38 a.m.20 views

CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...

7.5CVSS6.7AI score0.0123EPSS
Exploits0References2
CVE
CVE
added 2024/05/18 7:38 a.m.130 views

CVE-2024-2782

CVE-2024-2782 affects WordPress plugin Fluent Forms (Contact Form Plugin for Quiz, Survey, and Drag & Drop WP Form Builder) versions

7.5CVSS6.5AI score0.0123EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/18 7:38 a.m.54 views

CVE-2024-2771 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Settings Update and Limited Privilege Escalation

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...

9.8CVSS7.2AI score0.02333EPSS
Exploits1References2
EUVD
EUVD
added 2024/05/18 7:38 a.m.9 views

EUVD-2024-27715

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...

9.8CVSS6.3AI score0.02333EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/05/18 7:38 a.m.17 views

CVE-2024-2771 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Settings Update and Limited Privilege Escalation

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...

9.8CVSS6.9AI score0.02333EPSS
Exploits1References2
CVE
CVE
added 2024/05/18 7:38 a.m.200 views

CVE-2024-2771

CVE-2024-2771 affects the Contact Form Plugin by Fluent Forms for WordPress. The issue is an unauthenticated privilege-escalation caused by a missing capability check on the REST endpoint /wp-json/fluentform/v1/managers. Vulnerable in all versions up to 5.1.16, allowing an unauthenticated attacke...

9.8CVSS7.7AI score0.02333EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/05/18 12:0 a.m.4 views

WordPress plugin Fluent Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.2CVSS5.9AI score0.00387EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/18 12:0 a.m.8 views

WordPress plugin Fluent Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.4AI score0.0123EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/18 12:0 a.m.10 views

WordPress plugin Fluent Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.5AI score0.02333EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/05/18 12:0 a.m.7 views

WordPress plugin Fluent Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.9AI score0.00257EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/18 12:0 a.m.9 views

PT-2024-22058

Name of the Vulnerable Software and Affected Versions: The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress versions up to, and including, 5.1.16 Description: The issue is related to a missing capability check on the...

7.5CVSS6AI score0.0123EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/05/18 12:0 a.m.12 views

PT-2024-22001

Name of the Vulnerable Software and Affected Versions: The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress versions up to, and including, 5.1.16 Description: The issue is related to a missing capability check on the...

9.8CVSS6.1AI score0.02333EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2024/05/18 12:0 a.m.5 views

PT-2024-32404 · Fluent Forms · Contact Form Plugin By Fluent Forms

Name of the Vulnerable Software and Affected Versions: The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress versions up to, and including, 5.1.16 Description: The issue is related to Stored Cross-Site Scripting via the subject parameter du...

7.2CVSS5.9AI score0.00387EPSS
Exploits0References11
Rows per page
Query Builder