CVE-2023-5416 in Funnelforms Free Pluginالمعلومات

الملخص

بحسب MITRE • 22/11/2023

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsf_delete_category function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete categories.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

مسؤول

Wordfence

حجز

04/10/2023

إفشاء

22/11/2023

الاعتدال

تمت الموافقة

إدخال

VDB-244291

EPSS

0.00403

KEV

لا

النشاطات

منخفض جدًا

القطاع

Hostingprovider

المصادر

Do you know our Splunk app?

Download it now for free!