NotCVE - vendor:"Svenl77" product:"Post Form – Registration Form – Profile Form For User Profiles – Frontend Content Forms For User Submissions (UGC)"

5 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-8246 – Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.11 - Authenticated (Contributor+) Privilege Escalation

https://notcve.org/view.php?id=CVE-2024-8246

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. This is due to plugin not properly restricting what users have access to set the default role on registration forms. This makes it possible for authenticated attackers, with contributor-level access and above, to create a registration form with a custom role that allows them to register as administrators. • https://plugins.trac.wordpress.org/changeset/3149760/buddyforms/trunk/includes/admin/form-builder/meta-boxes/metabox-registration.php https://www.wordfence.com/threat-intel/vulnerabilities/id/40760f60-b81a-447b-a2c8-83c7666ce410?source=cve • CWE-269: Improper Privilege Management •

CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-1170 – Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Deletion

https://notcve.org/view.php?id=CVE-2024-1170

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handle_deleted_media function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to delete arbitrary media files. El complemento Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) para WordPress es vulnerable a la eliminación no autorizada de archivos multimedia debido a una falta de verificación de capacidad en la función handle_deleted_media en todas las versiones hasta e incluyendo , 2.8.7. Esto hace posible que atacantes no autenticados eliminen archivos multimedia arbitrarios. • https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/functions.php#L1493 https://plugins.trac.wordpress.org/changeset/3046092/buddyforms/trunk?contextall=1&old=3031945&old_path=%2Fbuddyforms%2Ftrunk#file7 https://www.wordfence.com/threat-intel/vulnerabilities/id/380c646c-fd95-408a-89eb-3e646768bbc5?source=cve • CWE-862: Missing Authorization •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-1169 – Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization to Unauthenticated Media Upload

https://notcve.org/view.php?id=CVE-2024-1169

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyforms_upload_handle_dropped_media function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to upload media files. El complemento Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) para WordPress es vulnerable a la carga de medios no autorizados debido a una falta de verificación de capacidad en la función buddyforms_upload_handle_dropped_media en todas las versiones hasta, e incluyendo, 2.8.7. Esto hace posible que atacantes no autenticados carguen archivos multimedia. • https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/functions.php#L1466 https://plugins.trac.wordpress.org/changeset/3046092/buddyforms/trunk/includes/functions.php?contextall=1&old=3023795&old_path=%2Fbuddyforms%2Ftrunk%2Fincludes%2Ffunctions.php https://www.wordfence.com/threat-intel/vulnerabilities/id/6d14a90d-65ea-45da-956b-0735e2e2b538?source=cve • CWE-862: Missing Authorization •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-1158 – Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) <= 2.8.7 - Missing Authorization

https://notcve.org/view.php?id=CVE-2024-1158

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the buddyforms_new_page function in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber access or higher, to create pages with arbitrary titles. These pages are published. El complemento Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) para WordPress es vulnerable a modificaciones no autorizadas de datos debido a una falta de verificación de capacidad en la función buddyforms_new_page en todas las versiones hasta e incluyendo , 2.8.7. Esto hace posible que atacantes autenticados, con acceso de suscriptor o superior, creen páginas con títulos arbitrarios. • https://plugins.trac.wordpress.org/browser/buddyforms/trunk/includes/admin/admin-ajax.php?rev=2820257#L80 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3046092%40buddyforms%2Ftrunk&old=3031945%40buddyforms%2Ftrunk&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/198cb3bb-73fe-45ae-b8e0-b7ee8dda9547?source=cve • CWE-862: Missing Authorization •

CVSS: 6.3EPSS: 0%CPEs: 425EXPL: 0

CVE-2022-4974 – Freemius SDK <= 2.4.2 - Missing Authorization Checks

https://notcve.org/view.php?id=CVE-2022-4974

The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable. • https://www.wordfence.com/threat-intel/vulnerabilities/id/39fb0499-9ab4-4a2f-b0db-ece86bcf4d42?source=cve https://wpscan.com/vulnerability/6dae6dca-7474-4008-9fe5-4c62b9f12d0a https://freemius.com/blog/managing-security-issues-open-source-freemius-sdk-security-disclosure https://wpdirectory.net/search/01FWPVWA7BC5DYGZHNSZQ9QMN5 https://wpdirectory.net/search/01G02RSGMFS1TPT63FS16RWEYR https://web.archive.org/web/20220225174410/https%3A//www.pluginvulnerabilities.com/2022/02/25/our-security-review-of-wordpress-plugin-found-freemius-li • CWE-862: Missing Authorization •