3 matches found
WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms versions = 1.4.6...
WordPress Contact Form Widget plugin <= 1.4.6 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Contact Form Widget versions = 1.4.6...
Vault Leases Created with Batch Tokens have Invalid Expiration
Summary HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. This vulnerability, CVE-2020-25816, was fixed in 1.4.7 and 1.5.4. Background Vault allows the issuance of batch...