CVE-2022-1442 Metform Elementor Contact Form Builder <= 2.1.3 - Sensitive Information Disclosure

The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the /core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe,...

CVE-2022-1442

CVE-2022-1442 affects the WordPress Metform plugin up to version 2.1.3. The vulnerability stems from improper access control in the ~/core/forms/action.php file, allowing an unauthenticated attacker to view API keys and secrets for multiple integrated third‑party services (e.g., PayPal, Stripe, M...

WordPress plugin Metform 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress plugin Metform is vulnerable to an information disclosure vulnerability, which stems from...

PT-2022-13893

Name of the Vulnerable Software and Affected Versions Metform WordPress plugin versions up to and including 2.1.3 Description The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the /core/forms/action.php file. This can be exploited by ...

WordPress Metform Elementor Contact Form Builder plugin <= 2.1.3 - Unauthenticated API keys and Secrets Disclosure vulnerability

Unauthenticated API keys and Secrets Disclosure vulnerability discovered by Muhammad Zeeshan Xib3rR4dAr in WordPress Metform Elementor Contact Form Builder plugin versions = 2.1.3. Solution Update the WordPress Metform Elementor Contact Form Builder plugin to the latest available version at least...