Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:B0943159-D164-4A5B-88BC-E0ADA28BEB32
HistoryJan 13, 2021 - 12:00 a.m.

Elementor Contact Form DB < 1.6 - Plugin Settings Cross-Site Request Forgery

2021-01-1300:00:00
wpscan.com
11
elementor
contact form
db
plugin
settings
cross-site request forgery
attackers
logged in administrators

EPSS

0.001

Percentile

43.6%

JSON

The plugin lacked CSRF nonces, which could allow attackers to make logged in administrators perform unwanted actions, such as change the plugin’s settings via a CSRF attack.

Related

patchstack 1
cve 1
cvelist 1
nvd 1
prion 1
patchstack
patchstack
WordPress Elementor Contact Form DB plugin <= 1.5 - Cross-Site Request Forgery (CSRF) via backend admin pages vulnerability
2021-01-12 00:00:00
cve
cve
CVE-2021-3133
2021-01-12 19:15:13
cvelist
cvelist
CVE-2021-3133
2021-01-12 18:57:19
nvd
nvd
CVE-2021-3133
2021-01-12 19:15:13
prion
prion
Cross site request forgery (csrf)
2021-01-12 19:15:00

EPSS

0.001

Percentile

43.6%

JSON
Related for WPVDB-ID:B0943159-D164-4A5B-88BC-E0ADA28BEB32
patchstack1cve1cvelist1nvd1prion1