CVE-2024-6628
- EPSS 0.21%
- Veröffentlicht 16.11.2024 04:15:06
- Zuletzt bearbeitet 31.03.2025 19:58:57
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.9.9.9. This is due to missing or incorrect nonce validation when deleting f...
CVE-2024-6626
- EPSS 0.71%
- Veröffentlicht 06.11.2024 07:15:04
- Zuletzt bearbeitet 08.11.2024 21:18:44
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all versions up to, and including, 2.9.9.9. This makes i...
CVE-2024-38748
- EPSS 0.46%
- Veröffentlicht 01.11.2024 15:15:34
- Zuletzt bearbeitet 04.04.2025 17:43:43
Access Control vulnerability in TheInnovs EleForms allows . This issue affects EleForms: from n/a through 2.9.9.9.
CVE-2024-2043
- EPSS 0.45%
- Veröffentlicht 02.05.2024 17:15:15
- Zuletzt bearbeitet 21.03.2025 16:15:07
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when downloading form submissions in all versions up to, and including, 2.9.9.7....
CVE-2024-2082
- EPSS 1.26%
- Veröffentlicht 02.05.2024 17:15:15
- Zuletzt bearbeitet 21.03.2025 15:59:05
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 2.9.9.7 due to insufficient input sanitization and ou...