CVE-2017-20194

MEDIUM EXPLOITED NUCLEI

Formidable Form Builder <2.05.03 - Info Disclosure

Title source: llm

Description

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form.

Nuclei Templates (1)

Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure
MEDIUMVERIFIEDby DhiyaneshDK

References (2)

Scores

CVSS v3 5.3
EPSS 0.0933
EPSS Percentile 92.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

VulnCheck KEV 2024-10-15
CWE
CWE-200
Status published
Products (2)
strategy11/formidable_form_builder < 2.05.03
strategy11team/Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder < 2.05.03
Published Oct 16, 2024
Tracked Since Feb 18, 2026