CVE-2025-68582 WordPress Funnelforms Free plugin <= 3.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Funnelforms Funnelforms Free funnelforms-free allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Funnelforms Free: from n/a through = 3.8...

PT-2025-53270

Name of the Vulnerable Software and Affected Versions Funnelforms versions prior to 3.9 Description An authorization issue exists in Funnelforms Free that allows exploitation of incorrectly configured access control security levels. Recommendations Update to version 3.9 or later...

WordPress plugin Funnelforms Free 安全漏洞

Funnelforms Free is a free plugin that focuses on helping webmasters increase conversions through multi-step forms and contact forms. WordPress Funnelforms Free suffers from a lack of authorization vulnerability, which can be exploited by an attacker to perform an unauthorized operation via a...

EUVD-2024-33516

Malicious code in bioql PyPI...

EUVD-2023-57701

Malicious code in bioql PyPI...

EUVD-2023-57731

Malicious code in bioql PyPI...

EUVD-2023-57726

Malicious code in bioql PyPI...

EUVD-2023-57734

Malicious code in bioql PyPI...

EUVD-2023-57700

Malicious code in bioql PyPI...

EUVD-2024-47427

Malicious code in bioql PyPI...

EUVD-2024-47000

Malicious code in bioql PyPI...

EUVD-2023-57732

Malicious code in bioql PyPI...

EUVD-2024-48369

Malicious code in bioql PyPI...

EUVD-2023-57730

Malicious code in bioql PyPI...

CVE-2024-7447

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'fnsfaf2handelfileupload' function in all versions up to, and including, 3.7.3.2. Th...

CVE-2024-5857

The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the af2handelfileremove AJAX action in all versions up to, and including, 3.7.3.2. This makes it...

CVE-2023-5416

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfdeletecategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

CVE-2023-5415

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfaddcategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...

CVE-2023-5417

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfupdatecategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...

CVE-2023-5386

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfdeleteposts function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...