Filtered by vendor Subtlewebinc
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0591 | 1 Subtlewebinc | 1 Formcraft3 | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users |