117 matches found
WordPress Smart Forms plugin <= 2.5.15 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability found by Toshiharu Sugiyama in WordPress Smart Forms plugin versions = 2.5.15. Solution Update the WordPress Smart Forms plugin to the latest available version at least 2.6.16...
CVE-2019-5924
Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...
CVE-2019-5924
Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...
CVE-2019-5924
The CVE-2019-5924 issue affects the WordPress Smart Forms plugin (versions 2.6.15 and earlier). The root cause is a Cross-Site Request Forgery (CSRF) vulnerability that can allow an attacker to hijack an administrator’s authenticated session via a malicious page, enabling unauthorized actions suc...
CVE-2019-5924
Cross-site request forgery CSRF vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page...
PT-2019-17865 · Unknown · Smart Forms
Name of the Vulnerable Software and Affected Versions: Smart Forms versions 2.6.15 and earlier Description: A cross-site request forgery issue allows remote attackers to hijack the authentication of administrators via a specially crafted page. Recommendations: For versions 2.6.15 and earlier,...
WordPress Smart Forms Cross-Site Request Forgery Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Smart Forms 2.6.15 and earlier versions. A remote attacker can...
JVN#97656108: WordPress plugin "Smart Forms" vulnerable to cross-site request forgery
The WordPress plugin "Smart Forms" provided by RedNao contains a cross-site request forgery vulnerability CWE-352. Impact Unintended operations may be performed if a user logs into the WordPress administration screen and browses a malicious page. Those operations may include generating new forms,...
Smart Forms <= 2.5.15 - Cross-Site Request Forgery (CSRF)
The Smart Forms – when you need more than just a contact form WordPress plugin was affected by a Cross-Site Request Forgery CSRF security vulnerability...
Smart Forms 2.1.0 - Cross-Site Scripting (XSS)
The Smart Forms – when you need more than just a contact form WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
Ding peaks of the smart forms system across the directory to delete the file vulnerability-vulnerability warning-the black bar safety net
The impact of the system:peak peak smart form systemASP V1. 0 Mini Defective part: elseif Request. QueryString"action"="del" then 'QueryString transmission, not much to say f=Request. QueryString"f" ‘is the QueryString, get“f”variable if f"" then 'determine f whether the null character Set...
CVE-2004-2144
Baal Smart Forms pre-3.2 allows remote attackers to bypass authentication and gain system access via a direct request to regadmin.php. The issue is documented across multiple sources (CVE listing and PT Security advisory) and affects versions prior to 3.2. Remediation recommended: upgrade to Baal...
CVE-2004-2144
Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php...
CVE-2004-2144
Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php...
PT-2004-3039 · Baal · Baal Smart Forms
Name of the Vulnerable Software and Affected Versions: Baal Smart Forms versions prior to 3.2 Description: The issue allows remote attackers to bypass authentication and obtain system access via a direct request to "regadmin.php". Recommendations: For versions prior to 3.2, update to version 3.2 ...
[SA12649] Baal Smart Forms "Admin Change Password" Security Bypass
TITLE: Baal Smart Forms "Admin Change Password" Security Bypass SECUNIA ADVISORY ID: SA12649 VERIFY ADVISORY: http://secunia.com/advisories/12649/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Baal Smart Forms 3.x http://secunia.com/product/3949/ DESCRIPTION: ...