Lucene search
K
FormviewswpViews For Wpforms

5 matches found

CVE
CVE
added 2024/02/05 9:21 p.m.69 views

CVE-2024-0370

The CVE-2024-0370 entry affects Views for WPForms – Display & Edit WPForms Entries on your site frontend (WordPress), vulnerable versions up to and including 3.2.2. The root cause is a missing authorization check in the save_view function, enabling authenticated users with subscriber access and a...

4.3CVSS5.3AI score0.00428EPSS
CVE
CVE
added 2024/02/05 9:21 p.m.64 views

CVE-2024-0372

CVE-2024-0372 affects the WordPress plugin Views for WPForms Lite up to version 3.2.2, with a missing authorization check in get_form_fields that allows authenticated users with subscriber+ role to create or view form data. The issue is rooted in an improper permission check for the get_form_fiel...

4.3CVSS5.2AI score0.00359EPSS
CVE
CVE
added 2024/02/05 9:21 p.m.61 views

CVE-2024-0371

CVE-2024-0371 concerns the WordPress plugin Views for WPForms – Display & Edit WPForms Entries on your site frontend. The issue is a missing capability check in the create_view function, affecting all versions up to and including 3.2.2, enabling authenticated users with subscriber access and abov...

4.3CVSS5.2AI score0.00428EPSS
CVE
CVE
added 2024/02/05 9:22 p.m.56 views

CVE-2024-0373

The CVE-2024-0373 entry concerns the WordPress plugin Views for WPForms – Display & Edit WPForms Entries on your site frontend, vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in the save_view function. Affected versions are all up to and including 3.2.2. The...

4.3CVSS5.3AI score0.00234EPSS
CVE
CVE
added 2024/02/05 9:21 p.m.55 views

CVE-2024-0374

CVE-2024-0374 affects the WordPress plugin Views for WPForms – Display & Edit WPForms Entries on your site frontend. The issue is CSRF due to missing/incorrect nonce validation in the create_view function, allowing unauthenticated attackers to create views via a forged request if they trick an ad...

4.3CVSS5.2AI score0.00234EPSS