CVE-2025-11991 in JetFormBuilder Plugin정보

요약

\~에 의해 MITRE • 2025. 12. 16.

The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the run_callback function in all versions up to, and including, 3.5.3. This makes it possible for unauthenticated attackers to generate forms using AI, consuming site's AI usage limits.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

공개

2025. 12. 16.

모더레이션

수락

항목

VDB-336514

CPE

준비됨

CWE

CWE-862 (확인됨)

CVSS

5.3 (CNA)

EPSS

0.00119

KEV

아니요

활동

매우 낮음

부문

Hostingprovider

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-11991
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-11991
CVE Details	https://www.cvedetails.com/cve/CVE-2025-11991/

◂ 이전 개요 다음 ▸

Do you know our Splunk app?

Download it now for free!