4 matches found
CVE-2023-5417
The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfupdatecategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...
CVE-2023-5417
creationtimestamp| type| source ---|---|--- 2023-12-20 13:48:36+00:00| seen| https://t.me/ctinow/156960...
CVE-2023-5417
The CVE-2023-5417 entry concerns Funnelforms Free for WordPress. A missing capability check in the fnsf_update_category function affects versions up to and including 3.4, allowing authenticated attackers with subscriber-level permissions and above to modify the Funnelforms category for a given po...
CVE-2023-5417 Funnelforms Free <= 3.4 - Missing Authorization to Category Update
The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsfupdatecategory function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above,...