Unrated severityNVD Advisory· Published Mar 21, 2022· Updated Aug 2, 2024
Formcraft3 < 3.8.28 - Unauthenticated SSRF
CVE-2022-0591
Description
The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.