CVE-2024-1306 Information

Description

The Smart Forms WordPress plugin before 2.6.94 does not have CSRF checks in some places which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks such as editing entries and we consider it a medium risk.

Reference

https://wpscan.com/vulnerability/c7ce2649-b2b0-43f4-994d-07b1023405e9/