4 matches found
CVE-2024-2782
creationtimestamp| type| source ---|---|--- 2025-08-03 09:00:06+00:00| published-proof-of-concept| Telegram/k9l6whAFym9ZbJh5WMNbuyJuC8dcnnMOMGxizovh2wCYo8 2025-08-05 21:02:21+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lvom743f4v2n 2025-09-16 21:02:31+00:00| seen|...
WordPress FluentForm Plugin <= 5.1.16 is vulnerable to Broken Access Control
Software FluentForm Type Plugin Vulnerable versions = 5.1.16 Fixed in 5.1.17 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2782 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID c154cbdbc6dd Credits Tobias Weißhaar kun19 Required...
CVE-2024-2782
CVE-2024-2782 affects WordPress plugin Fluent Forms (Contact Form Plugin for Quiz, Survey, and Drag & Drop WP Form Builder) versions
CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...