Sensitive Information Exposure in Form Maker Plugin for WordPress by 10Web
CVE-2024-2112
7.5HIGH
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 9 April 2024
What is CVE-2024-2112?
The Form Maker plugin by 10Web for WordPress is susceptible to a vulnerability that allows unauthenticated attackers to gain access to sensitive information through the signature functionality. This exposure enables attackers to extract critical user data, including signatures, from all versions of the plugin up to and including 1.15.22. It is important for users of the plugin to update to the latest version to mitigate this issue and protect their sensitive data.
Affected Version(s)
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder * <= 1.15.22