CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5309

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the fv_export_csv, reset_settings, save_settings, save_columns_settings, get_analytics_data, get_event_logs_data, delete_submissions, and get_submissions functions in all versions up to, and including, 1.4.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform multiple unauthorized actions. NOTE: This vulnerability is partially fixed in version 1.4.12.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2024-5309

Wpvibes » Form Vibes » Version: 0.1.0

cpe:2.3:a:wpvibes:form_vibes:0.1.0
Wpvibes » Form Vibes » Version: 0.1.1

cpe:2.3:a:wpvibes:form_vibes:0.1.1
Wpvibes » Form Vibes » Version: 0.1.2

cpe:2.3:a:wpvibes:form_vibes:0.1.2
Wpvibes » Form Vibes » Version: 1.0.0

cpe:2.3:a:wpvibes:form_vibes:1.0.0
Wpvibes » Form Vibes » Version: 1.0.1

cpe:2.3:a:wpvibes:form_vibes:1.0.1
Wpvibes » Form Vibes » Version: 1.0.2

cpe:2.3:a:wpvibes:form_vibes:1.0.2
Wpvibes » Form Vibes » Version: 1.1.0

cpe:2.3:a:wpvibes:form_vibes:1.1.0
Wpvibes » Form Vibes » Version: 1.1.1

cpe:2.3:a:wpvibes:form_vibes:1.1.1
Wpvibes » Form Vibes » Version: 1.1.2

cpe:2.3:a:wpvibes:form_vibes:1.1.2
Wpvibes » Form Vibes » Version: 1.1.3

cpe:2.3:a:wpvibes:form_vibes:1.1.3
Wpvibes » Form Vibes » Version: 1.2

cpe:2.3:a:wpvibes:form_vibes:1.2
Wpvibes » Form Vibes » Version: 1.2.1

cpe:2.3:a:wpvibes:form_vibes:1.2.1
Wpvibes » Form Vibes » Version: 1.2.2

cpe:2.3:a:wpvibes:form_vibes:1.2.2
Wpvibes » Form Vibes » Version: 1.2.3

cpe:2.3:a:wpvibes:form_vibes:1.2.3
Wpvibes » Form Vibes » Version: 1.2.4

cpe:2.3:a:wpvibes:form_vibes:1.2.4
Wpvibes » Form Vibes » Version: 1.2.5

cpe:2.3:a:wpvibes:form_vibes:1.2.5
Wpvibes » Form Vibes » Version: 1.2.6

cpe:2.3:a:wpvibes:form_vibes:1.2.6
Wpvibes » Form Vibes » Version: 1.3.0

cpe:2.3:a:wpvibes:form_vibes:1.3.0
Wpvibes » Form Vibes » Version: 1.3.1

cpe:2.3:a:wpvibes:form_vibes:1.3.1
Wpvibes » Form Vibes » Version: 1.3.2

cpe:2.3:a:wpvibes:form_vibes:1.3.2
Wpvibes » Form Vibes » Version: 1.3.3

cpe:2.3:a:wpvibes:form_vibes:1.3.3
Wpvibes » Form Vibes » Version: 1.3.4

cpe:2.3:a:wpvibes:form_vibes:1.3.4
Wpvibes » Form Vibes » Version: 1.3.5

cpe:2.3:a:wpvibes:form_vibes:1.3.5
Wpvibes » Form Vibes » Version: 1.3.6

cpe:2.3:a:wpvibes:form_vibes:1.3.6
Wpvibes » Form Vibes » Version: 1.3.7

cpe:2.3:a:wpvibes:form_vibes:1.3.7
Wpvibes » Form Vibes » Version: 1.4

cpe:2.3:a:wpvibes:form_vibes:1.4
Wpvibes » Form Vibes » Version: 1.4.1

cpe:2.3:a:wpvibes:form_vibes:1.4.1
Wpvibes » Form Vibes » Version: 1.4.2

cpe:2.3:a:wpvibes:form_vibes:1.4.2
Wpvibes » Form Vibes » Version: 1.4.3

cpe:2.3:a:wpvibes:form_vibes:1.4.3
Wpvibes » Form Vibes » Version: 1.4.4

cpe:2.3:a:wpvibes:form_vibes:1.4.4
Wpvibes » Form Vibes » Version: 1.4.5

cpe:2.3:a:wpvibes:form_vibes:1.4.5
Wpvibes » Form Vibes » Version: 1.4.6

cpe:2.3:a:wpvibes:form_vibes:1.4.6
Wpvibes » Form Vibes » Version: 1.4.7

cpe:2.3:a:wpvibes:form_vibes:1.4.7
Wpvibes » Form Vibes » Version: 1.4.8

cpe:2.3:a:wpvibes:form_vibes:1.4.8
Wpvibes » Form Vibes » Version: 1.4.9

cpe:2.3:a:wpvibes:form_vibes:1.4.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5309

Products

Pricing

Contact Us