Accesspressthemes Ultimate-Form-Builder-Lite vulnerabilities
2 known vulnerabilities affecting accesspressthemes/ultimate-form-builder-lite.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2017-15919P2CRITICALCVSS 9.8Exploited≤ 1.3.62017-10-26
CVE-2017-15919 [CRITICAL] CWE-89 CVE-2017-15919: The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant P
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.
nvd
CVE-2021-24867P3CRITICALCVSS 9.8v1.5.02022-02-21
CVE-2021-24867 [CRITICAL] CWE-912 CVE-2021-24867: Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion
nvd