4 matches found
CVE-2024-31270
CVE-2024-31270 is a Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder (WordPress plugin). Affected: ARForms Form Builder up to version 1.6.1. Root cause: missing authorization allows unauthorized access. Impact: as described in sources, includes missing access control...
CVE-2024-54223
CVE-2024-54223 is a documented HTML/Script-injection vulnerability in the ARForms Form Builder for WordPress (Contact Form - Repute InfoSystems). The issue is described as an improper neutralization of script-related HTML tags in a web page, resulting in a Basic XSS and potential code injection. ...
CVE-2024-31272
ARForms Form Builder (WordPress plugin) has a CSRF vulnerability affecting versions up to 1.6.1. The connected sources confirm the issue and affected range, but do not provide a publicly documented fix/version to remediate within the provided documents.
CVE-2024-37920
CVE-2024-37920 (ARForms Form Builder) is a Reflected XSS in ARForms Form Builder for WordPress, affecting 1.6.7 and earlier. The issue arises from improper input neutralization during web page generation, enabling reflected scripts. The Red Hat/NVD entries confirm the vulnerability details and ma...