CVE-2024-34817

WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability

CVSS 4.3 MEDIUMEPSS 0.2%CWE-352

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.0.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

CRM Perks · Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://patchstack.com/database/vulnerability/integration-for-contact-form-7-and-pipedrive/wordpress-integration-for-pipedrive-and-contact-form-7-wpforms-elementor-ninja-forms-plugin-1-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve