CVE-2017-20194 in Formidable Forms Plugininfo

Summary

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Wordfence

Reservation

10/15/2024

Disclosure

10/16/2024

Moderation

VulDB entry created

Entries

1: VDB-280584

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

5.3

EPSS

0.09327

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20194
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20194
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20194/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!