Lucene search
K

3 matches found

Cvelist
Cvelist
added 2024/10/17 5:33 a.m.17 views

CVE-2024-9352 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Custom Form Creation

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the custom form 'createmodule' function. This makes it...

4.3CVSS0.00207EPSS
Exploits0References3
CVE
CVE
added 2024/10/17 5:33 a.m.50 views

CVE-2024-9352

CVE-2024-9352 (Forminator Forms for WordPress) is a CSRF vulnerability in all versions up to 1.35.1 caused by missing/incorrect nonce validation in the custom form function create_module. This allows unauthenticated attackers to cause a site administrator to draft forms by forging a request (e.g....

4.3CVSS4.6AI score0.00207EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/17 5:33 a.m.11 views

CVE-2024-9352 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Custom Form Creation

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the custom form 'createmodule' function. This makes it...

4.3CVSS6.5AI score0.00207EPSS
Exploits0References3
Rows per page
Query Builder