Vulnerabilities > Mondula > Multi Step Form > 1.7.17
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-16 | CVE-2024-12427 | Missing Authorization vulnerability in Mondula Multi Step Form The Multi Step Form plugin for WordPress is vulnerable to unauthorized limited file upload due to a missing capability check on the fw_upload_file AJAX action in all versions up to, and including, 1.7.23. | 5.3 |
| 2024-10-29 | CVE-2024-50428 | Missing Authorization vulnerability in Mondula Multi Step Form Missing Authorization vulnerability in Mondula GmbH Multi Step Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Multi Step Form: from n/a through 1.7.21. | 9.8 |