3 matches found
CVE-2026-44199
Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to form pages could delete submissions to form pages they don't have access to by crafting a form submission to delete submissions on a page they do have access to f...
EUVD-2022-6659
Malicious code in bioql PyPI...
WordPress Forminator Plugin CVE-2019-9568
Description The action of deleting submissions is vulnerable to blind SQL injection. An attacker can exploit this to extract data from the database. An account with the permission to delete submissions is required. Proof of Concept View submissions, eg at...