6 matches found
CVE-2023-47823 WordPress FormCraft – Contact Form Builder for WordPress plugin <= 1.2.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in nCrafts FormCraft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FormCraft: from n/a through 1.2.7...
CVE-2023-22717 WordPress FormCraft Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in nCrafts FormCraft plugin = 1.2.6 versions...
WordPress FormCraft Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)
Software FormCraft Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.2.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-22717 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2506902e7f8e Credits István Márton Required...
WordPress FormCraft plugin CSRF backdoor access vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A CSRF backdoor access vulnerability exists in the WordPress FormCraft plugin, which can be exploited by an attacker to perform arbitrary operations by inducing the...
WordPress plugin 'FormCraft' cross-site request forgery vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin 'FormCraft'. If a user logs into the WordPress admi...
WordPress FormCraft Plugins - Cross-Site Scripting Image type Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Plugins FormCraft - Cross-Site Scripting Image Type Google Dork: inurl:/wp-content/plugins/formcraft/ Exploit Author: AlHikam0x Tested on: Ubuntu Proof of Concept Check blank page :...