The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor WordPress plugin prior to 3.4.2 does not have CSRF checks on some of its form actions such as deletion and duplication, which could allow malicious users to make logged in admin perform such actions via CSRF attacks
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
funnelforms funnelforms free |