4 matches found
CVE-2020-36720
The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the updateoption lacking proper authentication checks. This makes it possible for any authenticated attacker to change or delete the plugin's settings...
CVE-2020-36720
The CVE concerns the Kali Forms plugin for WordPress, affected up to version 2.1.1. Root cause: the update_option function lacks proper authentication checks, allowing any authenticated attacker to change or delete plugin settings. Impact is authenticated options changes, which can affect configu...
CVE-2020-36720 Kali Forms <= 2.1.1 - Missing Authorization to Settings Update
The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the updateoption lacking proper authentication checks. This makes it possible for any authenticated attacker to change or delete the plugin's settings...
CVE-2020-36720 Kali Forms <= 2.1.1 - Missing Authorization to Settings Update
The Kali Forms plugin for WordPress is vulnerable to Authenticated Options Change in versions up to, and including, 2.1.1. This is due to the updateoption lacking proper authentication checks. This makes it possible for any authenticated attacker to change or delete the plugin's settings...