📦 Arforms

This vulnerability in the ARForms WordPress plugin allows unauthenticated attackers to upload malicious PHP files through form submissions. Any WordPress site using ARForms plugin versions before 6.6 ...

This CVE describes a Missing Authorization vulnerability in the ARForms WordPress plugin that allows subscribers (low-privileged users) to delete arbitrary files on the server. The vulnerability affec...

This CVE describes a Missing Authorization vulnerability in the ARForms WordPress plugin that allows authenticated subscribers to arbitrarily activate or deactivate other plugins. This affects all Wor...

This vulnerability allows attackers to inject malicious scripts into web pages generated by the ARForms WordPress plugin. When users visit a specially crafted link, the script executes in their browse...

This SQL injection vulnerability in the ARForms WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It affects all ARForms plugin versions up to 6.4, potentially compr...

This CVE describes a Missing Authorization vulnerability in the ARForms WordPress plugin that allows authenticated users with subscriber-level permissions to modify plugin settings. This affects all A...