2 matches found
CVE-2021-4417
The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.13.4. This is due to missing or incorrect nonce validation on the listenforsavingexportschedule function. This makes it possible f...
CVE-2021-4417
The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is affected by a Cross-Site Request Forgery in versions up to 1.13.4, caused by missing/incorrect nonce validation in listen_for_saving_export_schedule(). This can let unauthenticated attackers export form subm...