CVE-2024-22305

CVSS 3.1 Score 8.1 of 10 (high)

Details

Published Jan 31, 2024

Updated: Feb 5, 2024

CWE ID 639

Summary

CVE-2024-22305 represents a critical Authorization Bypass vulnerability in the Contact Form builder with drag & drop plugin for WordPress, specifically the Kali Forms version. This issue allows unauthorized users to circumvent access controls and manipulate data, affecting installations ranging from version n/a to 2.3.36. Successful exploitation could lead to compromise of sensitive information or unintended actions. Users are urged to update to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uE2_yg
https://www.cve.org/CVERecord?id=CVE-2024-22305
https://nvd.nist.gov/vuln/detail/CVE-2024-22305

Back to Vulnerability Database

CVE-2024-22305

CVSS 3.1 Score 8.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations