Vulnerabilities > Themekraft > Post Form
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-07 | CVE-2024-1169 | Unspecified vulnerability in Themekraft Post Form The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyforms_upload_handle_dropped_media function in all versions up to, and including, 2.8.7. | 7.5 |
| 2024-03-07 | CVE-2024-1170 | Unspecified vulnerability in Themekraft Post Form The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handle_deleted_media function in all versions up to, and including, 2.8.7. | 8.2 |
| 2023-08-25 | CVE-2023-25981 | Cross-site Scripting vulnerability in Themekraft Post Form Auth. | 5.4 |