Security Advisory

CVE-2022-23180

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-16 15:52:09

Last updated 2025-06-16 18:03:39

Assigner WPScan

State PUBLISHED

Description

The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.4 doesnt have authorisation and nonce checks, which could allow any authenticated users, such as subscriber to update and change various settings

← Browse all CVEs View on cve.org ↗