Vulnerabilities > Advanced Forms Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-23	CVE-2021-24892	Authorization Bypass Through User-Controlled Key vulnerability in Advanced Forms Project Advanced Forms Insecure Direct Object Reference in edit function of Advanced Forms (Free & Pro) before 1.6.9 allows authenticated remote attacker to change arbitrary user's email address and request for reset password, which could lead to take over of WordPress's administrator account. network low complexity advanced-forms-project CWE-639	8.8

Vulnerabilities > Advanced Forms Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Advanced Forms Project"}]}