3 matches found
CVE-2024-1217
The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the awaitplugindeactivation function in all versions up to, and including, 2.3.41. This makes it possible for...
WordPress Contact Form builder with drag & drop - Kali Forms Plugin <= 2.3.41 is vulnerable to Broken Access Control
Software Contact Form builder with drag & drop - Kali Forms Type Plugin Vulnerable versions = 2.3.41 Fixed in 2.3.42 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1217 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID b229d70e3a1f...
CVE-2024-1217 Contact Form builder with drag & drop for WordPress – Kali Forms <= 2.3.41 - Missing Authorization to Arbitrary Plugin Deactivation
The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the awaitplugindeactivation function in all versions up to, and including, 2.3.41. This makes it possible for...