Lucene search
Amir Hossein FallahiWPVDB-ID:C7CE2649-B2B0-43F4-994D-07B1023405E9HistoryMar 25, 2024 - 12:00 a.m.
Smart Forms < 2.6.94 - Edit Entries via CSRF
2024-03-2500:00:00
Amir Hossein Fallahi
wpscan.com
2
smart forms
csrf
vulnerability
entry editing
attackers
logged-in users
Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk.
PoC
CSRF PoC
| CPE | Name | Operator | Version |
|---|---|---|---|
| eq | 2.6.94 |
Related
cve
cve
CVE-2024-1306
2024-04-15 05:15:14
wpexploit
wpexploit
Smart Forms < 2.6.94 - Edit Entries via CSRF
2024-03-25 00:00:00
nvd
nvd
CVE-2024-1306
2024-04-15 05:15:14
cvelist
cvelist
CVE-2024-1306 Smart Forms < 2.6.94 - Edit Entries via CSRF
2024-04-15 05:00:03
wordfence
wordfence
6.5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.2%
Related for WPVDB-ID:C7CE2649-B2B0-43F4-994D-07B1023405E9