CVE-2023-0816 Vulnerability Details

  /     /     /  

CVE-2023-0816 Metadata Quick Info

CVE Published: 27/03/2023 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: WPScan | Vendor: Unknown | Product: Formidable Forms
Status : PUBLISHED

---

CVE-2023-0816 Description

The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: CWE-290 Authentication Bypass by Spoofing
Source: Unknown

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).