2 matches found
CVE-2024-1306 Smart Forms < 2.6.94 - Edit Entries via CSRF
The Smart Forms WordPress plugin before 2.6.94 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk...
CVE-2024-1306
CVE-2024-1306 affects the Smart Forms WordPress plugin prior to version 2.6.94. The Red Hat advisory and NVD entry describe a CSRF vulnerability where missing CSRF protections in certain actions allow logged-in users to be tricked into performing unintended actions (e.g., editing entries). Root c...