CVE-2024-0907 in Form Builder PluginИнформация

Сводка

по MITRE • 29.02.2024

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the restore_records() function in all versions up to, and including, 8.5.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to restore records.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Резервировать

25.01.2024

Раскрытие

29.02.2024

Модерация

принято

Вход

VDB-252519

EPSS

0.00598

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

Want to know what is going to be exploited?

We predict KEV entries!