Cross-Site Request Forgery Vulnerability in Daman Jeet Real Time Validation for Gravity Forms
CVE-2025-48328

4.3MEDIUM

What is CVE-2025-48328?

A vulnerability exists in Daman Jeet Real Time Validation for Gravity Forms that allows attackers to execute unauthorized commands on behalf of authenticated users without their consent. This CSRF vulnerability can be exploited to change settings and configurations within the plugin, potentially leading to further security compromises.

Affected Version(s)

Real Time Validation for Gravity Forms <= 1.7.0

References

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Nguyen Xuan Chien (Patchstack Alliance)
.
CVE-2025-48328 : Cross-Site Request Forgery Vulnerability in Daman Jeet Real Time Validation for Gravity Forms