CVE-2023-2517
Metform Elementor Contact Form Builder for WordPress is affected by CSRF in versions up to 3.3.2 due to missing/incorrect nonce validation in permalink_setup, enabling unauthenticated attackers to alter permalink structures via forged requests if a site admin is tricked. The issue is caused by no...