Medium severity4.3NVD Advisory· Published May 2, 2024· Updated Jun 17, 2026
CVE-2024-1416
CVE-2024-1416
Description
The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on several functions in all versions up to, and including, 1.8.9. This makes it possible for unauthenticated attackers to invoke those functions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.8.9
Patches
Vulnerability mechanics
References
5- plugins.trac.wordpress.org/browser/lead-form-builder/trunk/inc/ajax-functions.phpnvd
- plugins.trac.wordpress.org/browser/lead-form-builder/trunk/inc/ajax-functions.phpnvd
- plugins.trac.wordpress.org/browser/lead-form-builder/trunk/inc/lf-install.phpnvd
- plugins.trac.wordpress.org/changeset/3068835nvd
- www.wordfence.com/threat-intel/vulnerabilities/id/d087957c-0dd5-46a9-a6bc-85f2f79f43bdnvd
News mentions
0No linked articles in our index yet.