CVE-2023-5416 in Funnelforms Free Plugininfo

Zusammenfassung

von MITRE • 22.11.2023

The Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnsf_delete_category function in versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete categories.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Zuständig

Wordfence

Reservieren

04.10.2023

Veröffentlichung

22.11.2023

Moderieren

akzeptiert

Eintrag

VDB-244291

CPE

bereit

EPSS

0.00403

KEV

nein

Aktivitäten

very low

Quellen

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!