Lucene search

K

Ndijkstra Security Vulnerabilities

cve
cve

CVE-2024-2368

The Mollie Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.13. This is due to missing or incorrect nonce validation on the duplicateForm() function. This makes it possible for unauthenticated attackers to duplicate forms via a forged....

4.3CVSS

6.7AI Score

0.0005EPSS

2024-06-05 07:15 AM
24
cve
cve

CVE-2024-1645

The Mollie Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the exportRegistrations function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to export...

4.3CVSS

5.2AI Score

0.0004EPSS

2024-03-11 10:15 PM
31
cve
cve

CVE-2024-1400

The Mollie Forms plugin for WordPress is vulnerable to unauthorized post or page duplication due to a missing capability check on the duplicateForm function in all versions up to, and including, 2.6.3. This makes it possible for authenticated attackers, with subscriber access or higher, to...

4.3CVSS

5.3AI Score

0.0004EPSS

2024-03-11 10:15 PM
30
cve
cve

CVE-2021-4377

The Doneren met Mollie plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.8.5 via the dmm_export_donations() function which is called via the admin_post_dmm_export hook due to missing capability checks. This can allow authenticated attackers to...

6.5CVSS

6.1AI Score

0.001EPSS

2023-06-07 02:15 AM
10