Post Form
by Themekraft
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-1170 | Hig | 0.46 | 8.2 | 0.01 | Mar 7, 2024 | The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handle_deleted_media function in all… | ||
| CVE-2024-1169 | Hig | 0.42 | 7.5 | 0.01 | Mar 7, 2024 | The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyforms_upload_handle_dropped_media function… | ||
| CVE-2023-25981 | 0.00 | — | 0.00 | Aug 25, 2023 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions. |
- risk 0.46cvss 8.2epss 0.01
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handle_deleted_media function in all…
- risk 0.42cvss 7.5epss 0.01
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyforms_upload_handle_dropped_media function…
- CVE-2023-25981Aug 25, 2023risk 0.00cvss —epss 0.00
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <= 2.8.1 versions.