WordPress Plugin Vulnerabilities
NEX Forms < 7.8.8 - Authentication Bypass for PDF Reports
Description
The plugin was vulnerable to Authentication Bypass for PDF Reports allowing unauthenticated attackers to download PDF reports.
Proof of Concept
http://www.example.com/wp-content/uploads/submission_report.pdf
Affects Plugins
References
Classification
Type
AUTHBYPASS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
rauschecker
Verified
No
WPVDB ID
Timeline
Publicly Published
2021-07-20 (about 2 years ago)
Added
2021-07-20 (about 2 years ago)
Last Updated
2022-04-12 (about 2 years ago)