4 matches found
EUVD-2025-33844
The GSheetConnector For Gravity Forms plugin for WordPress is vulnerable to authorization bypass in versions less than, or equal to, 1.3.27. This is due to a missing capability check on the 'installplugin' function. This makes it possible for authenticated attackers, with subscriber-level access...
CVE-2025-8593
CVE-2025-8593 affects the GSheetConnector For Gravity Forms WordPress plugin, with versions
CVE-2025-8593 GSheetConnector For Gravity Forms <= 1.3.27 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation
The GSheetConnector For Gravity Forms plugin for WordPress is vulnerable to authorization bypass in versions less than, or equal to, 1.3.27. This is due to a missing capability check on the 'installplugin' function. This makes it possible for authenticated attackers, with subscriber-level access...
PT-2025-41677
Name of the Vulnerable Software and Affected Versions GSheetConnector For Gravity Forms plugin for WordPress versions prior to 1.3.28 Description The GSheetConnector For Gravity Forms plugin for WordPress is susceptible to an authorization bypass. This occurs because of a missing capability check...