273 matches found
CVE-2023-24410
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin –...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin –...
CVE-2023-24410
CVE-2023-24410: WordPress plugin FluentForm (Contact Form Plugin – Fastest Contact Form Builder)
WordPress Plugin Contact Form Plugin - Fastest Contact Form Builder Plugin for WordPress by Fluent Forms SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Contact Form Plugin -...
WordPress WP Fluent Forms plugin cross-site request forgery vulnerability
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.A cross-site request forgery vulnerability exists in versions of WordPress WP Fluent Forms plugin prior ...
CVE-2021-34620
The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...
CVE-2021-34620 CSRF in WP Fluent Forms < 3.6.67 allows stored XSS and Privilege Escalation
The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...
CVE-2021-34620
CVE-2021-34620 affects the WP Fluent Forms plugin for WordPress, specifically versions prior to 3.6.67. The root cause is a missing nonce check in the access control function for administrative AJAX actions, enabling Cross-Site Request Forgery that can lead to stored Cross-Site Scripting and a li...
CVE-2021-34620 CSRF in WP Fluent Forms < 3.6.67 allows stored XSS and Privilege Escalation
The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...
WordPress 跨站请求伪造漏洞
WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL.A cross-site request forgery vulnerability exists in versions of WordPress WP Fluent Forms plugin prior ...
PT-2021-20587 · WordPress · Fluent Forms
Name of the Vulnerable Software and Affected Versions: WP Fluent Forms plugin versions prior to 3.6.67 Description: The issue is related to a missing nonce check in the access control function for administrative AJAX actions, leading to Cross-Site Request Forgery, which can result in stored...
WP Fluent Forms < 3.6.67 - Cross-Site Request Forgery (CSRF)
The WP Fluent Forms WordPress plugin was vulnerable to a Cross-Site Request Forgery CSRF vulnerability that could lead to Stored Cross-Site Scripting XSS...
CVE-2021-34620
The WP Fluent Forms plugin 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery leading to stored Cross-Site Scripting and limited Privilege Escalation due to a missing nonce check in the access control function for administrative AJAX actions...