6 matches found
EUVD-2024-49877
Malicious code in bioql PyPI...
CVE-2024-9351
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'createmodule' function. This makes it possible f...
CVE-2024-9351
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'createmodule' function. This makes it possible f...
CVE-2024-9351
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'createmodule' function. This makes it possible f...
CVE-2024-9351
Summary (CVE-2024-9351) The Forminator Forms plugin for WordPress (versions ≤ 1.35.1) is vulnerable to Cross-Site Request Forgery due to missing/incorrect nonce validation in the quiz creation path (create_module). This allows unauthenticated attackers to cause draft quizzes to be created if a si...
PT-2024-39586 · WordPress · The Forminator Forms
Name of the Vulnerable Software and Affected Versions: The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress versions up to, and including, 1.35.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on...