WPForms Plugin Vulnerability

Thread starter Shawn Gossman
Start date Dec 10, 2024
Tags

wordpress news wordpress plugin vulnerability wpforms

Welcome to Another Admin Forum!

Welcome to Another Admin Forum! Join our community of forum creators today. Register for a free account and get tips, resources, and support to build and grow your forum. Let's create better forums together!

Dec 10, 2024

Admin
#1

Shawn Gossman

Administrator

AAF Administrator

AAF Moderator

The vulnerability is due to a missing capability check in a function within the plugin called wpforms_is_admin_page, which means that the plugin doesn’t check for appropriate permissions of the user attempting to make a change with this function. That means that the plugin allows data to be modified by attackers lacking sufficient privileges.

Recommendations:

It’s recommended that users of versions WPForms plugin users from versions 1.8.4 up to an including 1.9.2.1 update their plugins.

Source: WPForms Plugin Vulnerability Affects Up To 6 Million Sites

You must log in or register to reply here.

Facebook X (Twitter) LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Back

Top Bottom

WPForms Plugin Vulnerability

Welcome to Another Admin Forum!

Welcome to Another Admin Forum! Join our community of forum creators today. Register for a free account and get tips, resources, and support to build and grow your forum. Let's create better forums together!

Shawn Gossman

Administrator

Recommendations:​

Recommendations: