funnelforms - CVE CyberSecurity Database News (Page 2)

CVE-2023-5385 - How a WordPress Plugin Let Low-Permission Users Copy Any Post (Funnelforms Free <= 3.4)

Date: June 2024 Severity: Medium Exploitability: Authenticated (Subscriber+) >The Funnelforms Free plugin for WordPress, up to version 3.4, contains a security vulnerability (CVE-2023-5385)

Nov 22, 2023 CSRF WordPress Exploit funnelforms Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free

CVE-2023-5382 - How a Simple CSRF Bug Could Let Attackers Delete Your WordPress Posts via Funnelforms Free

--- Summary: A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the popular Funnelforms Free WordPress plugin, affecting versions up to and including 3.

Nov 22, 2023 WordPress Exploit funnelforms Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free

CVE-2023-5416 - How a Simple Missing Capability Check in Funnelforms Free Lets Any User Delete Your Categories

In the world of WordPress plugins, security mistakes can have massive consequences. In late 2023, a critical flaw was discovered in the popular Funnelforms Free