3 matches found
CVE-2024-7447
CVE-2024-7447 affects the Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free (WordPress). The vulnerability is due to a missing capability check in fnsf_af2_handel_file_upload, affecting all versions up to 3.7.3.2. This allows unauthenticated attackers...
CVE-2023-5990
CVE-2023-5990 affects the WordPress plugin Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor (Funnelforms Free) prior to version 3.4.2. The issue is a lack of CSRF protection on certain admin actions (e.g., deleting/duplicating forms), enabling an authenticated attacker t...
CVE-2024-5857
CVE-2024-5857 affects Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free (WordPress). A missing capability check on the af2_handel_file_remove AJAX action in all versions up to 3.7.3.2 allows unauthenticated attackers to delete arbitrary media files. C...