Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2
Critical0
High1
Medium1
Reset
Showing 1-2 of 2 records
Threat Entry Updated 2024-11-21

CVE-2023-5134 - Easy Registration Forms Plugin

The Easy Registration Forms for WordPress is vulnerable to Information Disclosure via the 'erforms_user_meta' shortcode in versions up to, and including, 2.1.1 due to insufficient controls on the information retrievable via the shortcode. This makes it possible for authenticated attackers, with subscriber-level capabilities or above, to retrieve arbitrary sensitive user meta.

PLUGIN Easy Registration Forms

CVE-2023-5134

MEDIUM CVSS 4.3 2023-09-23
Open Full Technical Breakdown
Threat Entry Updated 2024-11-21

CVE-2021-39353 - Easy Registration Forms Plugin

The Easy Registration Forms WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation via the ajax_add_form function found in the ~/includes/class-form.php file which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 2.1.1.

PLUGIN Easy Registration Forms

CVE-2021-39353

HIGH CVSS 8.8 2021-11-19
Open Full Technical Breakdown
Scroll to top