Design/Logic Flaw

The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to...

CVE-2024-1400 Mollie Forms <= 2.6.3 - Missing Authorization to Arbitrary Post Duplication

The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to...

CVE-2024-1400 Mollie Forms <= 2.6.3 - Missing Authorization to Arbitrary Post Duplication

The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to...

CVE-2024-1645 Mollie Forms <= 2.6.3 - Missing Authorization

The Mollie Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportRegistrations function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to export...

CVE-2024-1645

The Mollie Forms WordPress plugin (CVE-2024-1645) is vulnerable due to a missing capability check in exportRegistrations in all versions up to 2.6.3. This allows authenticated users with subscriber-level privileges or higher to export payment data. Wordfence and Red Hat entries corroborate the vu...

CVE-2024-1645 Mollie Forms <= 2.6.3 - Missing Authorization

The Mollie Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportRegistrations function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to export...

CVE-2024-1400

CVE-2024-1400 affects the Mollie Forms WordPress plugin. The vulnerability is a missing capability check in the duplicateForm function across versions up to 2.6.3, enabling authenticated attackers with subscriber access or higher to duplicate arbitrary posts/pages. The Wordfence data for this CVE...

WordPress Mollie Forms Plugin <= 2.6.3 is vulnerable to Broken Access Control

Software Mollie Forms Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.6.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1400 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 216cfadafbb9 Credits Lucio Sá Required privilege...

WordPress Mollie Forms Plugin <= 2.6.3 is vulnerable to Broken Access Control

Software Mollie Forms Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.6.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1645 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 435afd135b3a Credits Lucio Sá Required privilege...

WordPress plugin Mollie Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-18192 · WordPress · Mollie Forms

Name of the Vulnerable Software and Affected Versions: Mollie Forms plugin for WordPress versions up to, and including, 2.6.3 Description: The issue is related to unauthorized access of data due to a missing capability check on the exportRegistrations function. This allows authenticated attackers...

WordPress plugin Mollie Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

Mollie Forms < 2.6.4 - Missing Authorization

Description The Mollie Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportRegistrations function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, t...

Mollie Forms < 2.6.4 - Missing Authorization to Arbitrary Post Duplication

Description The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or highe...

PT-2024-18011 · WordPress · Mollie Forms

Name of the Vulnerable Software and Affected Versions: Mollie Forms plugin for WordPress versions up to, and including, 2.6.3 Description: The issue is related to a missing capability check on the duplicateForm function, allowing authenticated attackers with subscriber access or higher to duplica...

Fedora: Security Advisory for jgoodies-forms (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jgoodies-forms-1.9.0-11.fc40

The JGoodies Forms framework helps you lay out and implement elegant Swing panels quickly and consistently. It makes simple things easy and the hard stu ff possible, the good design easy and the bad difficult...

CVE-2024-1170

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handledeletedmedia function in all versions up to, and including,...

Fluent Forms < 5.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description The Fluent Forms plugin for WordPress by Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.9 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web...

PT-2024-17196 · WordPress · The Post Form – Registration Form – Profile Form For User Profiles – Frontend Content Forms For User Submissions

Name of the Vulnerable Software and Affected Versions: The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress versions up to, and including, 2.8.7 Description: The issue is related to unauthorized media file deleti...