CVE-2023-0692 in Metform Elementor Contact Form Builder Pluginالمعلومات

الملخص

بحسب MITRE • 09/06/2023

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_payment_status' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the payment status of arbitrary form submissions.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

مسؤول

Wordfence

حجز

06/02/2023

إفشاء

09/06/2023

الاعتدال

تمت الموافقة

إدخال

VDB-231119

EPSS

0.00603

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Do you need the next level of professionalism?

Upgrade your account now!