2 matches found
CVE-2024-6565
CVE-2024-6565 (AForms – Form Builder for Price Calculator & Cost Estimation, WordPress) is an information disclosure vulnerability in all versions up to 2.2.6, caused by the plugin’s use of the aura library and direct access to phpunit test files, enabling unauthenticated full path disclosure. Pu...
WordPress AForms Plugin <= 2.2.6 is vulnerable to Sensitive Data Exposure
Software AForms Type Plugin Vulnerable versions = 2.2.6 Fixed in 2.2.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-6565 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 25ef6cfd65dd Credits stealthcopter Required privilege...