[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-15919

Date: (C)2017-10-30   (M)2017-11-10 


The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.

CVSS Score: 5.0Access Vector:
Exploit Score: Access Complexity:
Impact Score: Authentication:
 Confidentiality:
 Integrity:
 Availability:





Reference:
BID-101604
https://wordpress.org/plugins/ultimate-form-builder-lite/#developers
https://wpvulndb.com/vulnerabilities/8935
https://www.wordfence.com/blog/2017/10/zero-day-vulnerability-ultimate-form-builder-lite/

© 2013 SecPod Technologies