Lucene search
K

5 matches found

Nuclei
Nuclei
added 8 hours ago75 views

WordPress Visual Form Builder <3.0.8 - Information Disclosure

WordPress Visual Form Builder plugin before 3.0.8 contains a information disclosure vulnerability. The plugin does not perform access control on entry form export, allowing an unauthenticated user to export the form entries as CSV files using the vfb-export endpoint. id: CVE-2022-0140 info: name:...

5.3CVSS6.1AI score0.0384EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 11:25 p.m.5 views

CVE-2022-0140

The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint...

5.3CVSS6.9AI score0.0384EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/04/12 12:15 p.m.5 views

CVE-2022-0140

The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint...

5.3CVSS5.9AI score0.0384EPSS
Exploits1References4
Cvelist
Cvelist
added 2022/04/12 11:15 a.m.25 views

CVE-2022-0140 Visual Form Builder < 3.0.6 - Unauthenticated Information Disclosure

The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint...

5.6AI score0.0384EPSS
Exploits1References2
CVE
CVE
added 2022/04/12 11:15 a.m.109 views

CVE-2022-0140

The CVE-2022-0140 issue affects WordPress Visual Form Builder plugin prior to 3.0.6 (also documented up to 3.0.8 in Nuclei templates). The vulnerability is an information-disclosure flaw caused by missing access control on the entry form export (vfb-export endpoint), allowing unauthenticated user...

5.3CVSS5.3AI score0.0384EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder