FormCraft is a plugin for WordPress websites that was vulnerable to a type of attack called a SQL injection. This attack allowed people to run commands on the website without permission. FormCraft plugin version 1.3.7 and earlier was especially vulnerable because it did not properly protect the ‘id’ parameter from being manipulated.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
