Join Now

Navigation

More options

Style variation

Close Menu

Join Another Admin Forum Today for Free!

Join a Forum of Forum and Blog Admins from Around the World. Learn how to create the Best Forum or Blog from Seasoned Experts. Find out how to Promote Your Forum or Blog and Earn Money. Become a Better Admin by joining in on the discussions on Another Admin Forum. Join Today, it’s Free!

Join Now Log in

Forum/Blog of the Month Winner

Planet Blog

WPForms Plugin Vulnerability

Thread starter Shawn Gossman
Start date Dec 10, 2024
Tags

wordpress news wordpress plugin vulnerability wpforms

Dec 10, 2024

Admin
#1

Shawn Gossman

Administrator

AAF Administrator

AAF Moderator

The vulnerability is due to a missing capability check in a function within the plugin called wpforms_is_admin_page, which means that the plugin doesn’t check for appropriate permissions of the user attempting to make a change with this function. That means that the plugin allows data to be modified by attackers lacking sufficient privileges.

Recommendations:

It’s recommended that users of versions WPForms plugin users from versions 1.8.4 up to an including 1.9.2.1 update their plugins.

Source: WPForms Plugin Vulnerability Affects Up To 6 Million Sites

You must log in or register to reply here.

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Back

Top Bottom

Join Another Admin Forum Today for Free!

Join a Forum of Forum and Blog Admins from Around the World. Learn how to create the Best Forum or Blog from Seasoned Experts. Find out how to Promote Your Forum or Blog and Earn Money. Become a Better Admin by joining in on the discussions on Another Admin Forum. Join Today, it’s Free!

WPForms Plugin Vulnerability

Shawn Gossman

Administrator

Recommendations:​

Recommendations: