4 matches found
WordPress Easy Registration Forms Plugin <= 2.1.1 is vulnerable to Sensitive Data Exposure
Software Easy Registration Forms Type Plugin Vulnerable versions = 2.1.1 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-5134 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a5bfe7a3054b Credits Lana Codes Required...
CVE-2023-5134 Easy Registration Forms <= 2.1.1 - Authenticated (Subscriber+) Information Disclosure via Shortcode
The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erformsusermeta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with...
CVE-2023-5134
CVE-2023-5134 affects the WordPress plugin “Easy Registration Forms”. The vulnerability stems from insufficient access controls on the shortcodes, specifically the erforms_user_meta shortcode. Versions up to and including 2.1.1 are susceptible. With subscriber-level capabilities or higher, an aut...
CVE-2023-5134 Easy Registration Forms <= 2.1.1 - Authenticated (Subscriber+) Information Disclosure via Shortcode
The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erformsusermeta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with...