cleantalk
Vulnerabilities and Security Researches

Smart Forms – when you need more than just a contact form, CVE-2024-1307

CVE, Research URL

CVE-2024-1307

Home page URL

Security reports for Smart Forms – when you need more than just a contact form

Application

Smart Forms – when you need more than just a contact form

Published on
Apr 15, 2024
Research Description
The Smart Forms WordPress plugin before 2.6.94 does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions
Affected versions
max 2.6.94.
Status
vulnerable
Previous vulnerability researches
GatorMail SmartForms (CVE-2024-11386) , Jan 12, 2025
Smart Forms – when you need more than just a contact form (CVE-2024-1905) , Jun 07, 2024
Smart Forms – when you need more than just a contact form (CVE-2023-7203) , Jun 07, 2024
Smart Forms – when you need more than just a contact form (CVE-2024-1307) , Jun 07, 2024
Smart Forms – when you need more than just a contact form (CVE-2024-1306) , Jun 07, 2024
New vulnerability
Popup Box – new WordPress popup plugin (CVE-2025-12122) , Apr 19, 2026
KiviCare – Clinic & Patient Management System (EHR) (CVE-2026-0927) , Apr 19, 2026
Terms Dictionary (CVE-2025-39534) , Apr 19, 2026
Quiz Maker (CVE-2025-58015) , Apr 19, 2026
Canto (CVE-2026-6441) , Apr 19, 2026