Vulnerabilities (CVE)

Filtered by vendor Subtlewebinc Subscribe
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0591 1 Subtlewebinc 1 Formcraft3 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users