Information Disclosure? | WordPress.org

omtr
(@omtr)

10 years, 2 months ago

Obviously you can easily generate other user’s form submissions by simply manipulating the download links. By changing the &lid Parameter in the URL i was able to see all data previously submitted by me or other users.

https://wordpress.org/plugins/gravity-pdf-download-pdf-button/

The topic ‘Information Disclosure?’ is closed to new replies.

0 replies
1 participant
Last reply from: omtr
Last activity: 10 years, 2 months ago
Status: not resolved