Missing Authorization vulnerability in Wpmet Metform Elementor Contact Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform Elementor Contact Form Builder: from n/a through 3.4.0.
History

Mon, 09 Dec 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Wpmet
Wpmet metform Elementor Contact Form Builder
CPEs cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*
Vendors & Products Wpmet
Wpmet metform Elementor Contact Form Builder
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 09 Dec 2024 11:45:00 +0000

Type Values Removed Values Added
Description Missing Authorization vulnerability in Wpmet Metform Elementor Contact Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Metform Elementor Contact Form Builder: from n/a through 3.4.0.
Title WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability
Weaknesses CWE-862
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published: 2024-12-09T11:29:52.850Z

Updated: 2024-12-09T19:55:42.209Z

Reserved: 2023-12-15T15:45:32.565Z

Link: CVE-2023-50903

cve-icon Vulnrichment

Updated: 2024-12-09T19:55:37.341Z

cve-icon NVD

Status : Received

Published: 2024-12-09T13:15:39.233

Modified: 2024-12-09T13:15:39.233

Link: CVE-2023-50903

cve-icon Redhat

No data.