WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Smart Forms <= 2.5.15 - Cross-Site Request Forgery (CSRF)

Description

The Smart Forms – when you need more than just a contact form WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

smart-forms
Fixed in version 2.6.16

References

CVE
CVE-2019-5924
URL
https://jvn.jp/jp/JVN97656108/index.html

Classification

Type

CSRF

OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Original Researcher

Toshiharu Sugiyama

Submitter

Ryan Dewhurst

Submitter twitter
ethicalhack3r
Verified

No

WPVDB ID
7d651adb-4c02-4928-9aa3-5726735116c7

Timeline

Publicly Published

2019-02-28 (about 3 years ago)

Added

2019-03-13 (about 3 years ago)

Last Updated

2020-09-22 (about 2 years ago)

Our Other Services

WPScan WordPress Security Plugin