CVE-2025-32269

medium

Description

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Cross Site Request Forgery. This issue affects WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.3.

References

https://patchstack.com/database/wordpress/plugin/cf7-zendesk/vulnerability/wordpress-wp-zendesk-for-contact-form-7-wpforms-elementor-formidable-and-ninja-forms-plugin-1-1-3-cross-site-request-forgery-csrf-to-settings-change-vulnerability?_s_id=cve

Details

Source: Mitre, NVD

Published: 2025-04-04

Updated: 2025-04-07

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N