Lucene search
K

4 matches found

NVD
NVD
added 2024/05/02 5:15 p.m.22 views

CVE-2024-3585

The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...

5.3CVSS5AI score0.00691EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/02 4:51 p.m.23 views

CVE-2024-3585 Send PDF for Contact Form 7 <= 1.0.2.3 - Missing Authorization

The Send PDF for Contact Form 7 plugin for WordPress is vulnerable to unauthorized access of form submissions due to a missing capability check on the hooks function in all versions up to, and including, 1.0.2.3. This makes it possible for unauthenticated attackers to download information about...

5.3CVSS5.3AI score0.00691EPSS
Exploits0References3
CVE
CVE
added 2024/05/02 4:51 p.m.76 views

CVE-2024-3585

CVE-2024-3585 describes a vulnerability in the Send PDF for Contact Form 7 plugin for WordPress. It permits unauthenticated access to form submissions (including PDFs) due to a missing capability check on the hooks function in all versions up to and including 1.0.2.3, enabling information exposur...

5.3CVSS5AI score0.00691EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/04/24 12:0 a.m.10 views

WordPress Send PDF for Contact Form 7 Plugin <= 1.0.2.3 is vulnerable to Broken Access Control

Software Send PDF for Contact Form 7 Type Plugin Vulnerable versions = 1.0.2.3 Fixed in 1.0.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3585 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 13d8f4997e3b Credits Krzysztof Zają...

5.3CVSS6.9AI score0.00691EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder