Possible Security Flaw in Shortcode Forms
-
Hi Team,
I would like to know if there’s some misconfiguration at my end or is it an actual security flaw – but would it be right to write the entire test case here in a public post?
The flaw that I found was when someone filled in the the Shortcode Form generated by WP-CRM (may be using CF7, I don’t know) allows for updation of data of other users (e.g. First Name, Last Name, Phone Number) without valid authorization.
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Possible Security Flaw in Shortcode Forms’ is closed to new replies.