4 matches found
CVE-2015-1874
Cross-site request forgery CSRF vulnerability in the Contact Form DB aka CFDB and contact-form-7-to-database-extension plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the...
CVE-2015-1874
CVE-2015-1874 affects the WordPress plugin Contact Form DB (CFDB / contact-form-7-to-database-extension) up to version 2.8.31 (before 2.8.32). The vulnerability is a CSRF flaw that allows an attacker to hijack an authenticated administrator’s session to perform a privileged action: deleting all r...
CVE-2015-1874
Cross-site request forgery CSRF vulnerability in the Contact Form DB aka CFDB and contact-form-7-to-database-extension plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the...
WordPress Contact Form DB 2.8.29 Cross Site Request Forgery
Details ================ Software: Contact Form DB Version: 2.8.29 Homepage: https://wordpress.org/plugins/contact-form-7-to-database-extension/ Advisory report: https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/ CVE: CVE-2015-1874...