Unauthorized Access Vulnerability in Smart Forms WordPress Plugin
CVE-2024-1307
Currently unrated
Key Information:
- Vendor
Wordpress
- Status
- Vendor
- CVE Published:
- 15 April 2024
Badges
👾 Exploit Exists🟡 Public PoC
What is CVE-2024-1307?
The Smart Forms WordPress plugin before 2.6.94 does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions
Affected Version(s)
Smart Forms 0 < 2.6.94
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.