← voltar
CVE-2024-34817

WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability

CVSS 4.3 MEDIUMEPSS 0.2%CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.0.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Produtos afetados
CRM Perks · Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://patchstack.com/database/vulnerability/integration-for-contact-form-7-and-pipedrive/wordpress-integration-for-pipedrive-and-contact-form-7-wpforms-elementor-ninja-forms-plugin-1-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve