WordPress Plugin Vulnerabilities

Flo Forms < 1.0.36 - Authenticated Options Change to Stored XSS

Description

The plugin was being actively exploited, allowing low privilege users to use the flo_import_forms_options AJAX action to import new options and inject malicious JavaScript code in the backend.

Affects Plugins

Plugin icon
flo-forms
Fixed in 1.0.36

References

CVE
CVE-2021-4367
URL
https://blog.nintechnet.com/zero-day-vulnerability-fixed-in-wordpress-flo-forms-plugin/

Classification

Type
ACCESS CONTROLS
OWASP top 10
A5: Broken Access Control
CWE
CWE-284
CVSS
9.9 (critical)

Miscellaneous

Original Researcher
Jerome Bruandet (nintechnet.com)
Verified
Yes
WPVDB ID
b4a83501-c727-4c9b-a9a1-46b399ab0caa

Timeline

Publicly Published
2021-03-16 (about 3 years ago)
Added
2021-03-16 (about 3 years ago)
Last Updated
2023-06-08 (about 11 months ago)

Other

Published
Title
Published
2024-02-16
Title
WP Maintenance < 6.1.7 - Information Exposure
Published
2024-04-15
Title
Simple Registration for WooCommerce <= 1.5.6 - Unauthenticated Privilege Escalation
Published
2021-04-20
Title
Redirection for Contact Form 7 < 2.3.4 - Unauthenticated Arbitrary Nonce Generation
Published
2023-06-02
Title
Online Booking & Scheduling Calendar for WordPress by vcita <= 4.3.5 - Missing authentication
Published
2021-04-22
Title
Multiple WP-Buy Plugins - Arbitrary Plugin Installation/Activation via Low Privilege User