Cimatti: >> Wordpress Contact Forms >> 1.9.4 Security Vulnerabilities
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accua_forms_download_submitted_file() function in all versions up to, and including, 1.9.4. This makes it possible for unauthenticated attackers to download other user submitted forms.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-02-01