CVE-2021-39353 – The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery d …

19 November 2021

Vuln ID: CVE-2021-39353

Published: 2021-11-19 16:15:07Z

Description: The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the ajax_add_form function found in the ~/includes/class-form.php file which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 2.1.1.

Source: NVD.NIST.GOV

Date:

19 November 2021

Categories:

NVD

Tags:

NVD

EU lawmakers finalize cyber security rules that panicked open source devs4 December 2023
Put guardrails around AI use to protect your org, but be open to changes4 December 2023
2023 Gartner® Market Guide for Security, Orchestration, Automation and Response Solutions4 December 2023
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware4 December 2023
The AI readiness race and where global companies stand4 December 2023