WordPress Plugin Smart Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability previously existed...

WordPress Smart Forms Plugin < 2.6.94 is vulnerable to Broken Access Control

Software Smart Forms Type Plugin Vulnerable versions 2.6.94 Fixed in 2.6.94 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1307 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 966287948243 Credits Amir Hossein Fallahi Required...

PT-2024-17914 · WordPress · Smart Forms

Name of the Vulnerable Software and Affected Versions: The Smart Forms WordPress plugin versions prior to 2.6.94 Description: The issue is related to improper authorization in some actions within the plugin, allowing users with a low role, such as a subscriber, to perform unauthorized actions...