3 matches found
CVE-2026-57378
The CVE-2026-57378 entry describes a Missing Authorization vulnerability in the WordPress plugin Advanced Forms (Phil Kurth) affecting versions up to and including 1.9.3.7. The issue arises from incorrectly configured access control, enabling unauthorized actions without sufficient privileges. Do...
CVE-2026-57378 WordPress Advanced Forms plugin <= 1.9.3.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Phil Kurth Advanced Forms advanced-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Forms: from n/a through = 1.9.3.7...
WordPress Advanced Forms plugin <= 1.6.8 - Arbitrary User Email Address Update via IDOR vulnerability
Arbitrary User Email Address Update via IDOR vulnerability discovered by Suppawit Punhakit in WordPress Advanced Forms plugin versions = 1.6.8. Solution Update the WordPress Advanced Forms plugin to the latest available version at least 1.6.9...