CVE-2019-15114 — Cross-Site Request Forgery in Formcraft

Severity

8.8HIGHNVD

EPSS

0.1%

top 74.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 16

Latest updateMay 24

Description

The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

GHSA

GHSA-5w7w-68w2-qxxq: The formcraft-form-builder plugin before 1↗2022-05-24

▶

CVEList

CVE-2019-15114: The formcraft-form-builder plugin before 1↗2019-08-16

▶