CVE-2024-35174 WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability

Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42...

CVE-2024-35174

CVE-2024-35174 is a Missing Authorization vulnerability in the Flo Forms plugin for WordPress, affecting Flo Forms versions up to 1.0.42. The root cause, per sources, is broken access control that permits unauthorized access to Flo Forms data; exploitation details are not provided in the document...

CVE-2024-35174 WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability

Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42...

CVE-2024-23522

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7...

CVE-2024-23522

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7...

CVE-2024-23522 WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7...

CVE-2024-23522 WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7...

CVE-2024-23522

CVE-2024-23522 affects WordPress Formidable Forms plugin versions

WordPress plugin Formidable Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin Flo Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

PT-2024-19924 · Unknown · Formidable Forms

Name of the Vulnerable Software and Affected Versions: Formidable Forms versions through 6.7 Description: The issue is related to an Improper Neutralization of Script-Related HTML Tags in a Web Page, also known as Basic XSS, allowing Code Injection in Formidable Forms. Recommendations: For versio...

PT-2024-26356 · Flothemes · Flo Forms

Name of the Vulnerable Software and Affected Versions: Flo Forms versions 1.0.42 and earlier Description: The issue is related to a Missing Authorization vulnerability in Flothemes Flo Forms. Recommendations: For versions 1.0.42 and earlier, update to a version later than 1.0.42 to resolve the...

Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms < 1.2.1 - Cross-Site Request Forgery

Description The Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the settingspage function. This makes...

Flo Forms <= 1.0.42 - Missing Authorization

Description The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 1.0.42. This makes it possible for unauthenticated attackers to perform an unauthorized action...

WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <=1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms versions = 1.3.9...

TYPO3 跨站脚本漏洞

TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 CMS, which stems from the back-end module of the Forms Manager that is susceptible to cross-site scripting attacks. The affected...

WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Flo Forms versions = 1.0.42...

CVE-2024-34817 WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.0...

CVE-2024-34817 WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.0...

CVE-2024-34817

CVE-2024-34817 is a CSRF vulnerability in the Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms WordPress plugin. Affected versions are up to 1.2.0 (exact start version not provided). The vulnerability allows unauthorized cross-site actions due to CSRF, with the CVSS/a...