MatzeKitt
published
GHSA-j4c2-7p87-q824Apr 20, 2023
Package
Form Block
(WordPress)
Affected versions
< 1.0.2
Patched versions
1.0.2
Description
Due to a missing nonce check, there is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing.
Due to a missing nonce check, there is potential for a Cross Site Request Forgery for all form blocks, since it allows to send requests to the forms from any website without a user noticing.
Recommendation
Update to version 1.0.2