Medium severity6.5NVD Advisory· Published Mar 7, 2022· Updated Jun 17, 2026
CVE-2022-0163
CVE-2022-0163
Description
The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednao_smart_forms_entries_list AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form's data, which could include sensitive information such as PII depending on the form.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.6.71
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/2b6b0731-4515-498a-82bd-d416f5885268nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.