7 matches found
CVE-2023-1405
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1405
creationtimestamp| type| source ---|---|--- 2024-01-16 17:27:03+00:00| seen| https://t.me/ctinow/168904 2024-01-23 17:17:00+00:00| seen| https://t.me/ctinow/172140 2025-06-11 17:34:28+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18100 2025-09-29 21:02:20+00:00| seen|...
CVE-2023-1405
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1405 Formidable Forms < 6.2 - Unauthenticated PHP Object Injection
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1405 Formidable Forms < 6.2 - Unauthenticated PHP Object Injection
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present...
CVE-2023-1405
CVE-2023-1405 affects the Formidable Forms WordPress plugin up to version 6.1.2. It arises from unserializing user input, enabling unauthenticated PHP Object Injection when a suitable gadget is present. Impact is HIGH (I:HIGH, A:NONE) with remote attacker access. Mitigation: upgrade to version 6....
WordPress Formidable Forms Plugin <= 6.1.2 is vulnerable to PHP Object Injection
Software Formidable Forms Type Plugin Vulnerable versions = 6.1.2 Fixed in 6.2 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-1405 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID e0f1ba3999f1 Credits Nguyen Huu Do Required privilege...