Lucene search
China National Vulnerability DatabaseCNVD-2022-68557HistoryDec 31, 2021 - 12:00 a.m.
WordPress plugin Contact Form Advanced Database security bypass vulnerability
2021-12-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
21.2%
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin Contact Form Advanced Database 1.0.8 and earlier versions have a security bypass vulnerability that stems from the absence of any authorization and CSRF checks in its delete data and export data operations. An attacker could use this vulnerability to bypass access restrictions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress contact form advanced database | lt | 1.0.8 |
Related
prion
prion
Cross site request forgery (csrf)
2021-12-13 11:15:00
wpexploit
wpexploit
Contact Form Advanced Database <= 1.0.8 - Unauthorised AJAX Calls
2021-11-15 00:00:00
cve
cve
CVE-2021-24790
2021-12-13 11:15:08
wpvulndb
wpvulndb
Contact Form Advanced Database <= 1.0.8 - Unauthorised AJAX Calls
2021-11-15 00:00:00
cvelist
cvelist
nvd
nvd
CVE-2021-24790
2021-12-13 11:15:08
patchstack
patchstack