Medium severity5.3NVD Advisory· Published Apr 12, 2022· Updated Jun 17, 2026
CVE-2022-0140
CVE-2022-0140
Description
The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <3.0.6
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336nvdExploitThird Party Advisory
- www.fortiguard.com/zeroday/FG-VD-21-082nvdThird Party Advisory
News mentions
0No linked articles in our index yet.