CVE-2023-0552

The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability

CVE-2023-5134

The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with sub...