CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2563

The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.7. This is due to missing or incorrect nonce validation on the function _accua_forms_form_edit_action. This makes it possible for unauthenticated attackers to delete forms created with this plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.0%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-2563

Cimatti » Contact Forms » Version: N/A

cpe:2.3:a:cimatti:contact_forms:-
Cimatti » Contact Forms » Version: 1.1

cpe:2.3:a:cimatti:contact_forms:1.1
Cimatti » Contact Forms » Version: 1.2

cpe:2.3:a:cimatti:contact_forms:1.2
Cimatti » Contact Forms » Version: 1.2.1

cpe:2.3:a:cimatti:contact_forms:1.2.1
Cimatti » Contact Forms » Version: 1.3

cpe:2.3:a:cimatti:contact_forms:1.3
Cimatti » Contact Forms » Version: 1.3.1

cpe:2.3:a:cimatti:contact_forms:1.3.1
Cimatti » Contact Forms » Version: 1.3.2

cpe:2.3:a:cimatti:contact_forms:1.3.2
Cimatti » Contact Forms » Version: 1.3.3

cpe:2.3:a:cimatti:contact_forms:1.3.3
Cimatti » Contact Forms » Version: 1.3.4

cpe:2.3:a:cimatti:contact_forms:1.3.4
Cimatti » Contact Forms » Version: 1.3.5

cpe:2.3:a:cimatti:contact_forms:1.3.5
Cimatti » Contact Forms » Version: 1.3.6

cpe:2.3:a:cimatti:contact_forms:1.3.6
Cimatti » Contact Forms » Version: 1.3.7

cpe:2.3:a:cimatti:contact_forms:1.3.7
Cimatti » Contact Forms » Version: 1.3.8

cpe:2.3:a:cimatti:contact_forms:1.3.8
Cimatti » Contact Forms » Version: 1.3.9

cpe:2.3:a:cimatti:contact_forms:1.3.9
Cimatti » Contact Forms » Version: 1.4.0

cpe:2.3:a:cimatti:contact_forms:1.4.0
Cimatti » Contact Forms » Version: 1.4.1

cpe:2.3:a:cimatti:contact_forms:1.4.1
Cimatti » Contact Forms » Version: 1.4.10

cpe:2.3:a:cimatti:contact_forms:1.4.10
Cimatti » Contact Forms » Version: 1.4.11

cpe:2.3:a:cimatti:contact_forms:1.4.11
Cimatti » Contact Forms » Version: 1.4.12

cpe:2.3:a:cimatti:contact_forms:1.4.12
Cimatti » Contact Forms » Version: 1.4.2

cpe:2.3:a:cimatti:contact_forms:1.4.2
Cimatti » Contact Forms » Version: 1.4.3

cpe:2.3:a:cimatti:contact_forms:1.4.3
Cimatti » Contact Forms » Version: 1.4.4

cpe:2.3:a:cimatti:contact_forms:1.4.4
Cimatti » Contact Forms » Version: 1.4.5

cpe:2.3:a:cimatti:contact_forms:1.4.5
Cimatti » Contact Forms » Version: 1.4.6

cpe:2.3:a:cimatti:contact_forms:1.4.6
Cimatti » Contact Forms » Version: 1.4.7

cpe:2.3:a:cimatti:contact_forms:1.4.7
Cimatti » Contact Forms » Version: 1.4.8

cpe:2.3:a:cimatti:contact_forms:1.4.8
Cimatti » Contact Forms » Version: 1.4.9

cpe:2.3:a:cimatti:contact_forms:1.4.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-2563

Products

Pricing

Contact Us