CVEbaza.plCWE DictionaryCWE-1078
Common Weakness Enumeration

CWE-1078

Inappropriate Source Code Style or Formatting

Category: ClassCVE: 1
Description

The source code does not follow desired style or formatting for indentation, white space, comments, etc.

CVE vulnerabilities with CWE-1078 (1)
5.4
CVSS
MEDIUM
CVE-2024-0667

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.15.21. This is due to missing or incorrect nonce validation on the 'execute' function. This makes it possible for unauthenticated attackers to execute arbitrary methods in the 'BoosterController' class via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

pub. 2024-01-27
Information
ID: CWE-1078
Type: Class
Vulnerabilities: 1
MITRE CWE ↗
← CWE Dictionary