ReportizFlow
Filtered by vendor Funnelforms
Subscriptions
Filtered by product Interactive Contact Form And Multi Step Form Builder
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-7447 | 1 Funnelforms | 2 Funnelforms Free, Interactive Contact Form And Multi Step Form Builder | 2024-09-13 | 5.3 Medium |
| The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'fnsf_af2_handel_file_upload' function in all versions up to, and including, 3.7.3.2. This makes it possible for unauthenticated attackers to upload arbitrary media to the site, even if no forms exist. | ||||
Page 1 of 1.