PT-2022-13286 · WordPress · Formcraft

Name of the Vulnerable Software and Affected Versions: FormCraft WordPress plugin versions prior to 3.8.28 Description: The issue concerns the FormCraft WordPress plugin, where the URL parameter in the formcraft3 get AJAX action is not properly validated, leading to Server-Side Request Forgery SS...

WordPress formcraft-form-builder plugin cross-site request forgery vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. formcraft-form-builder is used in one of the drag-and-drop form builder plugin . A cross-site request forgery vulnerabilit...

CVE-2019-15114

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF...

Cross site request forgery (csrf)

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF...

CVE-2019-15114

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF...

CVE-2019-15114

CVE-2019-15114 affects the WordPress FormCraft Form Builder plugin. The vulnerability is a CSRF flaw in versions before 1.2.2, arising from insufficient request verification, potentially allowing unauthorized actions on behalf of a user. Mitigation: upgrade to 1.2.2 or later (as indicated by mult...

WordPress FormCraft plugin CSRF backdoor access vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A CSRF backdoor access vulnerability exists in the WordPress FormCraft plugin, which can be exploited by an attacker to perform arbitrary operations by inducing the...

WordPress FormCraft 2.0 CSRF / Shell Upload

Exploit Title : WordPress 5.0.4 FormCraft Plugins 2.0 CSRF Shell Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 18/03/2019 Vendor Homepages : formcraft-wp.com ncrafts.net formcrafts.com Software Download Links : formcrafts.com/formcrafts-form-builder.zip...

WordPress FormCraft plugin <= 1.2.1 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Masaki Saito in WordPress FormCraft plugin versions = 1.2.1. Solution Update the WordPress FormCraft plugin to the latest available version at least 1.2.2...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

CVE-2019-5920

Cross-site request forgery CSRF vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

CVE-2019-5920

Cross-site request forgery CSRF vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

CVE-2019-5920

The CVE refers to the WordPress FormCraft plugin, version

CVE-2019-5920

Cross-site request forgery CSRF vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...

WordPress plugin 'FormCraft' cross-site request forgery vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin 'FormCraft'. If a user logs into the WordPress admi...

WordPress plugin "FormCraft" vulnerable to cross-site request forgery

Overview The WordPress plugin "FormCraft" provided by nCrafts contains a cross-site request forgery vulnerability CWE-352. Masaki Saito of TDU Cryptography Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...

FormCraft <= 1.2.1 - Cross-Site Request Forgery (CSRF)

The FormCraft – Contact Form Builder for WordPress WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...

JVN#83501605: WordPress plugin "FormCraft" vulnerable to cross-site request forgery

The WordPress plugin "FormCraft" provided by nCrafts contains a cross-site request forgery vulnerability CWE-352. Impact Unintended operations may be performed if a user logs into the WordPress administration screen and browses a malicious page. Those operations may include generating new forms,...

formcraft-wp.com XSS vulnerability

Open Bug Bounty ID: OBB-569334 Description| Value ---|--- Affected Website:| formcraft-wp.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

formcraft-wp.com XSS vulnerability

Open Bug Bounty ID: OBB-548115 Description| Value ---|--- Affected Website:| formcraft-wp.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...