WordPress plugin Formidable Form Builder 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

VulnCheck KEV: CVE-2017-20194

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frmformspreview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form...

VulnCheck KEV: CVE-2017-20192

The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'afterhtml' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

WordPress Formidable Forms plugin <=2.05.02 - Multiple vulnerabilities

Multiple vulnerabilities found by Jouko Pynnönen in WordPress Formidable Forms plugin versions =2.05.02. Unauthenticated preview function allowing shortcodes, unauthenticated form entries retrieval and Server-Side Code Execution via iThemes Sync. Solution Update the WordPress Formidable Forms...