Lucene search
K

4 matches found

NVD
NVD
added 2015/03/09 4:59 p.m.23 views

CVE-2015-1874

Cross-site request forgery CSRF vulnerability in the Contact Form DB aka CFDB and contact-form-7-to-database-extension plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the...

6.8CVSS7AI score0.01465EPSS
Exploits2References5
CVE
CVE
added 2015/03/09 4:0 p.m.45 views

CVE-2015-1874

CVE-2015-1874 affects the WordPress plugin Contact Form DB (CFDB / contact-form-7-to-database-extension) up to version 2.8.31 (before 2.8.32). The vulnerability is a CSRF flaw that allows an attacker to hijack an authenticated administrator’s session to perform a privileged action: deleting all r...

6.8CVSS7.3AI score0.01465EPSS
Exploits2References5Affected Software1
Cvelist
Cvelist
added 2015/03/09 4:0 p.m.26 views

CVE-2015-1874

Cross-site request forgery CSRF vulnerability in the Contact Form DB aka CFDB and contact-form-7-to-database-extension plugin before 2.8.32 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the...

7AI score0.01465EPSS
Exploits2References5
Packet Storm
Packet Storm
added 2015/03/04 12:0 a.m.32 views

WordPress Contact Form DB 2.8.29 Cross Site Request Forgery

Details ================ Software: Contact Form DB Version: 2.8.29 Homepage: https://wordpress.org/plugins/contact-form-7-to-database-extension/ Advisory report: https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/ CVE: CVE-2015-1874...

6.8CVSS0.3AI score0.01465EPSS
Exploits2
Rows per page
Query Builder