VYPR

DHVC Form

by WordPress

CVEs (1)

  • CVE-2024-8420CriFeb 28, 2025
    risk 0.64cvss 9.8epss 0.01

    The DHVC Form plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.7. This is due to the plugin allowing a user to supply the 'role' field when registering. This makes it possible for unauthenticated attackers to register as an…