4 matches found
CVE-2024-3585
The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...
CVE-2024-3585 Send PDF for Contact Form 7 <= 1.0.2.3 - Missing Authorization
The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...
CVE-2024-3585
CVE-2024-3585 describes a vulnerability in the Send PDF for Contact Form 7 plugin for WordPress. It permits unauthenticated access to form submissions (including PDFs) due to a missing capability check on the hooks function in all versions up to and including 1.0.2.3, enabling information exposur...
WordPress Send PDF for Contact Form 7 Plugin <= 1.0.2.3 is vulnerable to Broken Access Control
Software Send PDF for Contact Form 7 Type Plugin Vulnerable versions = 1.0.2.3 Fixed in 1.0.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3585 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 13d8f4997e3b Credits Krzysztof Zają...