The Views for WPForms – Display & Edit WPForms Entries on your site frontend plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'create_view' function in all versions up to, and including, 3.2.2. This makes it possible for authenticated attackers, with subscriber access and above, to create form views.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-02-05T21:21:56.544Z
Updated: 2024-08-01T18:04:49.562Z
Reserved: 2024-01-09T20:13:19.354Z
Link: CVE-2024-0371
Vulnrichment
Updated: 2024-08-01T18:04:49.562Z
NVD
Status : Analyzed
Published: 2024-02-05T22:16:00.483
Modified: 2024-02-10T02:13:01.613
Link: CVE-2024-0371
Redhat
No data.