2 matches found
WordPress Gravity Forms Unique ID Plugin <= 1.5.5 is vulnerable to Content Spoofing
Software Gravity Forms Unique ID Type Plugin Vulnerable versions = 1.5.5 Fixed in 1.5.6 OWASP Top 10 A3: Injection Classification Content Spoofing CVE CVE-2024-0710 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID deacdbc2e22e Credits Karl Emil Nikka Required privilege...
CVE-2024-0710 GP Unique ID <= 1.5.5 - Unauthenticated Form Submission Unique ID Modification
The GP Unique ID plugin for WordPress is vulnerable to Unique ID Modification in all versions up to, and including, 1.5.5. This is due to insufficient input validation. This makes it possible for unauthenticated attackers to tamper with the generation of a unique ID on a form submission and repla...