Medium severity4.3NVD Advisory· Published Feb 29, 2024· Updated Apr 8, 2026
CVE-2024-1218
CVE-2024-1218
Description
The Contact Form builder with drag & drop for WordPress – Kali Forms plugin for WordPress is vulnerable to unauthorized access and modification of data via API due to an inconsistent capability check on several REST endpoints in all versions up to, and including, 2.3.41. This makes it possible for authenticated attackers, with contributor access and higher, to obtain access to or modify forms or entries.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:kaliforms:contact_form_builder:*:*:*:*:*:wordpress:*:*Range: <2.3.41
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.