WordPress EleForms Plugin <= 2.9.9.9 is vulnerable to Cross Site Request Forgery (CSRF)

Software EleForms Type Plugin Vulnerable versions = 2.9.9.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6628 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5925dd673838 Credits Lucio Sá Required privilege...

WordPress EleForms Plugin <= 2.9.9.9 is vulnerable to Broken Access Control

Software EleForms Type Plugin Vulnerable versions = 2.9.9.9 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6626 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fddc69a5e9e3 Credits Lucio Sá Required privilege...

WordPress EleForms Plugin <= 2.9.9.7 is vulnerable to Cross Site Scripting (XSS)

Software EleForms Type Plugin Vulnerable versions = 2.9.9.7 Fixed in 2.9.9.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2082 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6aef5e4da6df Credits Francesco Carlucci...