3 matches found
CVE-2022-23180
The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.4 doesn't have authorisation and nonce checks, which could allow any authenticated users, such as subscriber to update and change various settings...
CVE-2022-23180
creationtimestamp| type| source ---|---|--- 2024-01-24 17:16:52+00:00| seen| https://t.me/ctinow/172923 2024-02-06 14:46:32+00:00| seen| https://t.me/ctinow/180028...
CVE-2022-23180
Summary of CVE-2022-23180 (WordPress plugin: Contact Form & Lead Form Elementor Builder) Affected product: WordPress plugin Contact Form & Lead Form Elementor Builder, versions prior to 1.7.4.Root cause: Missing authorization and nonce checks in the plugin, allowing bypass by authenticated users....