Lucene search
K

4 matches found

Patchstack
Patchstack
added 2024/02/06 12:0 a.m.19 views

WordPress Advanced Forms Plugin <= 1.9.3.2 is vulnerable to Broken Access Control

Software Advanced Forms Type Plugin Vulnerable versions = 1.9.3.2 Fixed in 1.9.3.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1121 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5521bfbfd051 Credits Francesco Carlucci Required...

5.3CVSS6.5AI score0.00562EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/02/05 10:16 p.m.27 views

CVE-2024-1121

The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportjsonfile function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings...

5.3CVSS5.1AI score0.00562EPSS
Exploits0References2
OSV
OSV
added 2024/02/05 10:16 p.m.5 views

CVE-2024-1121

The Advanced Forms for ACF plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportjsonfile function in all versions up to, and including, 1.9.3.2. This makes it possible for unauthenticated attackers to export form settings...

5.3CVSS7.3AI score0.00562EPSS
Exploits0References2
CVE
CVE
added 2024/02/05 9:21 p.m.58 views

CVE-2024-1121

CVE-2024-1121 concerns the WordPress plugin Advanced Forms for ACF . The issue is a missing capability check in the function export_json_file(), affecting all versions up to and including 1.9.3.2, enabling unauthenticated attackers to export form settings (unauthorized data access). Public source...

5.3CVSS6AI score0.00562EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder