VulnCheck KEV: CVE-2024-32706

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Repute info systems ARForms.This issue affects ARForms: from n/a through 6.4...

WordPress ARForms Plugin <= 6.4 is vulnerable to SQL Injection

Software ARForms Type Plugin Vulnerable versions = 6.4 Fixed in 6.4.1 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32706 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID e8475500673b Credits Dave Jong Patchstack Required privilege Subscriber...

VulnCheck KEV: CVE-2024-32702

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Repute info systems ARForms allows Reflected XSS.This issue affects ARForms: from n/a through 6.4...

WordPress ARForms Plugin <= 6.4 is vulnerable to Cross Site Scripting (XSS)

Software ARForms Type Plugin Vulnerable versions = 6.4 Fixed in 6.4.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32702 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2ac8f7cc23af Credits Dave Jong Patchstack Required privilege...

WordPress ARForms Plugin <= 6.4 is vulnerable to Settings Change

Software ARForms Type Plugin Vulnerable versions = 6.4 Fixed in 6.4.1 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-32705 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 849f4eb72992 Credits Dave Jong Patchstack Required privilege...

VulnCheck KEV: CVE-2024-32704

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

VulnCheck KEV: CVE-2024-32703

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

VulnCheck KEV: CVE-2024-32705

Missing Authorization vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through = 6.4...

WordPress ARForms Plugin <= 6.4 is vulnerable to Arbitrary File Deletion

Software ARForms Type Plugin Vulnerable versions = 6.4 Fixed in 6.4.1 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-32703 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 3d075249b9fb Credits Dave Jong Patchstack Required...

WordPress ARForms Plugin <= 6.4 is vulnerable to Settings Change

Software ARForms Type Plugin Vulnerable versions = 6.4 Fixed in 6.4.1 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-32704 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bcff8bbe359f Credits Dave Jong Patchstack Required privilege...

CVE-2024-31272

Cross-Site Request Forgery CSRF vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1...

CVE-2024-31272

Cross-Site Request Forgery CSRF vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1...

CVE-2024-31272

ARForms Form Builder (WordPress plugin) has a CSRF vulnerability affecting versions up to 1.6.1. The connected sources confirm the issue and affected range, but do not provide a publicly documented fix/version to remediate within the provided documents.

CVE-2024-31272 WordPress ARForms Form Builder plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1...

CVE-2024-31272 WordPress ARForms Form Builder plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Repute InfoSystems ARForms Form Builder.This issue affects ARForms Form Builder: from n/a through 1.6.1...

PT-2024-23917 · Repute Infosystems · Arforms Form Builder

Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARForms Form Builder versions 1.6.1 and earlier Description: A Cross-Site Request Forgery CSRF issue affects the software. This type of issue allows an attacker to trick a user into performing unintended actions on a web...

WordPress Plugin ARForms Form Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forgery...

ARForms Form Builder < 1.6.2 - Missing Authorization

Description The ARForms Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.6.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an...

WordPress ARForms Form Builder plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin ARForms Form Builder versions = 1.6.1...

WordPress ARForms Form Builder plugin <= 1.6.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin ARForms Form Builder versions = 1.6.1...