Filtered by vendor Ultimate-form-builder-lite
Subscriptions
Filtered by product Ultimate Form Builder Lite
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25352 | 3 Accesspressthemes, Ultimate-form-builder-lite, Wordpress | 3 Ultimate-form-builder-lite, Ultimate Form Builder Lite, Wordpress | 2026-05-25 | 7.1 High |
| WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the entry_id POST parameter. Attackers can send POST requests to the admin-ajax.php endpoint with the ufbl_get_entry_detail_action action to extract, modify, or escalate privileges within the WordPress database. | ||||
Page 1 of 1.