4 matches found
WordPress Advanced Forms Plugin <= 1.9.3.2 is vulnerable to Broken Access Control
Software Advanced Forms Type Plugin Vulnerable versions = 1.9.3.2 Fixed in 1.9.3.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1121 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5521bfbfd051 Credits Francesco Carlucci Required...
CVE-2024-1121
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportjsonfile function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings...
CVE-2024-1121
The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportjsonfile function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings...
CVE-2024-1121
CVE-2024-1121 concerns the WordPress plugin Advanced Forms for ACF . The issue is a missing capability check in the function export_json_file(), affecting all versions up to and including 1.9.3.2, enabling unauthenticated attackers to export form settings (unauthorized data access). Public source...