7.5
CVE-2024-2112
- EPSS 0.99%
- Veröffentlicht 09.04.2024 19:15:28
- Zuletzt bearbeitet 06.03.2025 15:00:11
- Quelle security@wordfence.com
- CVE-Watchlists
- Unerledigt
LoginForm Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.22 - Sensitive Information Exposure
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.15.22 via the signature functionality. This makes it possible for unauthenticated attackers to extract sensitive data including user signatures.
Mögliche Gegenmaßnahme
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder: Update to version 1.15.23, or a newer patched version
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
Version
* - 1.15.22
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
10web ≫ Form Maker SwPlatformwordpress Version < 1.15.23
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.99% | 0.762 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| security@wordfence.com | 5.9 | 2.2 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|