Orange Form plugin SQL Injection via CSRF vulnerability in "admin/orange-form-email.php" allows admin-level unauthorized deletion of arbitrary posts
Reporter | Title | Published | Views | Family All 7 |
---|---|---|---|---|
Prion | Cross site request forgery (csrf) | 28 Feb 202209:15 | – | prion |
Patchstack | WordPress Orange Form plugin <= 1.0 - SQL Injection (SQLi) via Cross-Site Request Forgery (CSRF) vulnerability | 29 Dec 202100:00 | – | patchstack |
NVD | CVE-2021-24704 | 28 Feb 202209:15 | – | nvd |
wpexploit | Orange Form <= 1.0 - SQL Injection via CSRF | 29 Dec 202100:00 | – | wpexploit |
CNVD | WordPress Orange Form Plugin SQL Injection Vulnerability | 2 Mar 202200:00 | – | cnvd |
Cvelist | CVE-2021-24704 Orange Form <= 1.0 - SQL Injection via CSRF | 28 Feb 202209:06 | – | cvelist |
CVE | CVE-2021-24704 | 28 Feb 202209:15 | – | cve |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo