Vulnerabilities > Easyregistrationforms > Easy Registration Forms > 1.2.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-23 | CVE-2023-5134 | Unspecified vulnerability in Easyregistrationforms Easy Registration Forms The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. | 4.3 |
2021-11-19 | CVE-2021-39353 | Cross-Site Request Forgery (CSRF) vulnerability in Easyregistrationforms Easy Registration Forms The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the ajax_add_form function found in the ~/includes/class-form.php file which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 2.1.1. | 6.8 |