WordPress Plugin Vulnerabilities

NEX Forms < 7.8.8 - Authentication Bypass for PDF Reports

Description

The plugin was vulnerable to Authentication Bypass for PDF Reports allowing unauthenticated attackers to download PDF reports.

Proof of Concept

http://www.example.com/wp-content/uploads/submission_report.pdf

Affects Plugins

Plugin icon
nex-forms
Fixed in 7.8.8

References

CVE
CVE-2021-34675
URL
https://codecanyon.net/item/nexforms-the-ultimate-wordpress-form-builder/7103891
URL
https://github.com/rauschecker/CVEs/tree/main/CVE-2021-34675
URL
http://basixonline.net/nex-forms-wordpress-form-builder-demo/change-log/

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
rauschecker
Verified
No
WPVDB ID
0a381f83-056f-4f32-a1ad-0b128f5c8818

Timeline

Publicly Published
2021-07-20 (about 2 years ago)
Added
2021-07-20 (about 2 years ago)
Last Updated
2022-04-12 (about 2 years ago)

Other

Published
Title
Published
2019-09-26
Title
GiveWp < 2.5.5 - Authentication Bypass
Published
2017-12-03
Title
Apocalypse Meow 21.1.3-21.2.7 - BCrypt Authentication Bypass
Published
2021-07-21
Title
SendGrid <= 1.11.8 - Authenticated Authorization Bypass
Published
2020-01-14
Title
Backup and Staging by WP Time Capsule < 1.21.16 - Authentication Bypass
Published
2016-07-19
Title
Form Lightbox - Arbitrary Option Update Leading to Admin Account