2 matches found
CVE-2024-6550 Gravity Forms: Multiple Form Instances <= 1.1.1 - Unauthenticated Full Path Disclosure
The Gravity Forms: Multiple Form Instances plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.1.1. This is due to the plugin leaving test files with displayerrors on. This makes it possible for unauthenticated attackers to retrieve the full path of...
WordPress Gravity Forms: Multiple Form Instances Plugin <= 1.1.1 is vulnerable to Full Path Disclosure (FPD)
Software Gravity Forms: Multiple Form Instances Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A5: Security Misconfiguration Classification Full Path Disclosure FPD CVE CVE-2024-6550 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID af3116244e6e Credits...