exploitDog

CVE-2025-24604

Опубликовано: 24 янв. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Missing Authorization vulnerability in Vikas Ratudi VForm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VForm: from n/a through 3.0.5.

Ссылки

https://patchstack.com/database/wordpress/plugin/v-form/vulnerability/wordpress-lifetime-free-drag-drop-contact-form-builder-for-wordpress-vform-plugin-3-0-5-broken-access-control-vulnerability?_s_id=cve

EPSS

Процентиль: 38%

0.0017

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-862

Связанные уязвимости

GHSA-px9r-jcp7-fvj6

CVSS3: 5.4

github

около 1 года назад

Missing Authorization vulnerability in Vikas Ratudi VForm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VForm: from n/a through 3.0.5.

EPSS

Процентиль: 38%

0.0017

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-862