93 matches found
WordPress plugin JetFormBuilder 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
JetFormBuilder < 3.1.5 - Unauthenticated Content Injection
Description The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to content injection in all versions up to, and including, 3.1.4. This makes it possible for unauthenticated attackers to inject content onto the site...
WordPress JetFormBuilder Plugin <= 3.1.4 is vulnerable to Content Injection
Software JetFormBuilder Type Plugin Vulnerable versions = 3.1.4 Fixed in 3.1.5 OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2023-48763 Patch priority Low CVSS severity Low 5.3 Developer Crocoblock PSID fd2d4da6e79b Credits Revan Arifio Required privilege Unauthenticated...
WordPress JetFormBuilder Plugin <= 3.0.8 is vulnerable to Privilege Escalation
Software JetFormBuilder Type Plugin Vulnerable versions = 3.0.8 Fixed in 3.0.9 OWASP Top 10 A7: Identification and Authentication Failures Classification Privilege Escalation CVE CVE-2023-37866 Patch priority Medium CVSS severity Medium 7.2 Developer Crocoblock PSID bb75400351be Credits Rafie...
CVE-2023-33212
Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...
CVE-2023-33212
Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...
CVE-2023-33212 WordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...
CVE-2023-33212
CVE-2023-33212 : Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin with version <= 3.0.6 contains a CSRF vulnerability (unauthenticated). The issue is mitigated by upgrading to version 3.0.7 or later. Multiple sources confirm the vulnerability details and patch, e.g., PatchStack n...
CVE-2023-33212 WordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin = 3.0.6 versions...
WordPress plugin JetFormBuilder — Dynamic Blocks Form Builder 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
PT-2023-24223 · Crocoblock · Crocoblock Jetformbuilder
Name of the Vulnerable Software and Affected Versions: Crocoblock JetFormBuilder — Dynamic Blocks Form Builder plugin versions 3.0.6 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into...
WordPress JetFormBuilder Plugin <= 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software JetFormBuilder Type Plugin Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-33212 Patch priority Low CVSS severity Low 4.3 Developer Crocoblock PSID 7e5a8125e34f Credits Nguyen Xuan Chien Require...