Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities - CVE-2017-15919 - Vulnerability Database
WP Plugin Ultimate Form Builder Lite

WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities - CVE-2017-15919

Critical
Reference: CVE-2017-15919
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2017-15919
Title: WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities
Overview:

WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite is prone to multiple vulnerabilities including PHP object injection and SQL injection vulnerabilities. A successful exploit may allow an attacker to execute arbitrary PHP code within the context of the affected webserver process or to compromise the application access or modify data or exploit latent vulnerabilities in the underlying database. WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite version 1.3.6 is vulnerable prior versions may also be affected.