5 matches found
CVE-2018-25352
The CVE-2018-25352 entry concerns the WordPress plugin Ultimate Form Builder Lite (version 1.3.7 and earlier). The vulnerability is a SQL injection in the entry_id parameter, exploitable via POST to admin-ajax.php with the ufbl_get_entry_detail_action action. Authenticated attackers can manipulat...
WordPress Ultimate Form Builder 1.0 Database Disclosure
Exploit Title : WordPress Ultimate Form Builder Plugins 1.0 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 28/03/2019 Vendor Homepage : access-keys.com Software Information Link : codecanyon.net/item/ultimate-form-builder/14644208...
WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection Vulnerability
Exploit for php platform in category web applications Title: WordPress Ultimate Form Builder Lite Plugin getrow Vulnerable Variable: $POST'entryid' Vulnerable URL: http://vulnerablesite.com/wp-admin/admin-ajax.php Vulnerable POST body:...
WordPress Plugin Ultimate Form Builder Lite 1.3.7 - SQL Injection
WordPress Plugin Ultimate Form Builder Lite 1.3.7 - SQL Injection Title: WordPress Ultimate Form Builder Lite Plugin getrow Vulnerable Variable: $POST'entryid' Vulnerable URL: http://vulnerablesite.com/wp-admin/admin-ajax.php Vulnerable POST body:...
WordPress Ultimate Form Builder Lite 1.3.7 XSS / SQL Injection
DefenseCode ThunderScan SAST Advisory: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities XSS and SQLi Advisory ID: DC-2018-05-009 Advisory Title: WordPress Ultimate Form Builder Lite Plugin Multiple Vulnerabilities XSS and SQLi Advisory URL:...