Description
WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder is prone to multiple vulnerabilities, including server-side request forgery and cross-site request forgery vulnerabilities. Exploiting these issues could allow an attacker to make the vulnerable server perform port scanning of hosts in internal or external networks, or to perform certain administrative actions and gain unauthorized access to the affected application. WordPress Plugin Formidable Forms-Contact Form, Survey, Quiz, Calculator & Custom Form Builder version 5.5.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.5.5 or latest
References
Related Vulnerabilities
MySQL CVE-2021-2179 Vulnerability (CVE-2021-2179)
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2021-28165)
ReviveAdserver Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2021-22948)
WordPress Plugin Frontend File Manager Multiple Vulnerabilities (18.2)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-11112)