CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46083 – WordPress Kali Forms plugin <= 2.3.27 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-46083
16 Oct 2023 — Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.27. The Contact Form builder with drag & drop - Kali Forms plugin for WordPress is vulnerable to unauthorized modification of data due to a missing check on the run_form_process_checks function in versions up to, and including, 2.3.27. This makes ... • https://patchstack.com/database/wordpress/plugin/kali-forms/vulnerability/wordpress-kali-forms-plugin-2-3-27-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-45275 – WordPress Contact Form builder with drag & drop plugin <= 2.3.28 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-45275
06 Oct 2023 — Missing Authorization vulnerability in Kali Forms Contact Form builder with drag & drop - Kali Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form builder with drag & drop - Kali Forms: from n/a through 2.3.28. The Contact Form builder with drag & drop - Kali Forms plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the get_log function in versions up to, and including, 2.3.28. This makes it possible for aut... • https://patchstack.com/database/wordpress/plugin/kali-forms/vulnerability/wordpress-contact-form-builder-with-drag-drop-plugin-2-3-27-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •