The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages.
References
Link | Resource |
---|---|
https://advisory.checkmarx.net/advisory/CX-2020-4293 | Exploit Third Party Advisory |
https://plugins.trac.wordpress.org/changeset/2454670/ | Patch Third Party Advisory |
https://wordpress.org/plugins/sb-elementor-contact-form-db/#developers | Product Release Notes Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-12T18:57:19
Updated: 2021-03-31T20:18:12
Reserved: 2021-01-12T00:00:00
Link: CVE-2021-3133
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-12T19:15:13.070
Modified: 2022-05-16T20:45:52.480
Link: CVE-2021-3133
JSON object: View
Redhat Information
No data.
CWE