Vulnerability Details CVE-2022-34867
Unauthenticated Sensitive Information Disclosure vulnerability in WP Libre Form 2 plugin <= 2.0.8 at WordPress allows attackers to list and delete submissions. Affects only versions from 2.0.0 to 2.0.8.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.4%
CVSS Severity
CVSS v3 Score 7.3
References
- https://github.com/libreform/libreform/pull/54/files
- https://patchstack.com/database/vulnerability/libreform/wordpress-wp-libre-form-2-plugin-2-0-8-unauthenticated-sensitive-information-disclosure-vulnerability
- https://github.com/libreform/libreform/pull/54/files
- https://patchstack.com/database/vulnerability/libreform/wordpress-wp-libre-form-2-plugin-2-0-8-unauthenticated-sensitive-information-disclosure-vulnerability
Products affected by CVE-2022-34867
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.0
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.1
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.2
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.3
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.4
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.5
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.6
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.6.1
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.7
-
cpe:2.3:a:wp_libre_form_project:wp_libre_form:2.0.8