The WordPress Contact Forms by Cimatti plugin for WordPress has a security issue where data can be accessed without permission. This is because the accua_forms_download_submitted_file() function does not have a proper check to ensure only authorized users can access it. This means that anyone who is not logged in can download forms submitted by other users.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
