2 matches found
CVE-2023-6325 RomethemeForm For Elementor <= 1.1.5 - Missing Authorization via export_entries, rtformnewform, and rtformupdate
The RomethemeForm For Elementor plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the exportentries, rtformnewform, and rtformupdate functions in all versions up to, and including, 1.1.5. This makes it possible for...
CVE-2023-6325
CVE-2023-6325 concerns the RomethemeForm For Elementor WordPress plugin. The vulnerability arises from a missing capability check in export_entries, rtformnewform, and rtformupdate, affecting all versions up to 1.1.5. Consequences include unauthenticated export of form submissions, creation of ne...