{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T17:21:06.593","vulnerabilities":[{"cve":{"id":"CVE-2024-2043","sourceIdentifier":"security@wordfence.com","published":"2024-05-02T17:15:15.187","lastModified":"2026-04-08T18:20:57.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when downloading form submissions in all versions up to, and including, 2.9.9.7. This makes it possible for unauthenticated attackers to view form submissions."},{"lang":"es","value":"El complemento EleForms – All In One Form Integration including DB for Elementor para WordPress, es vulnerable al acceso no autorizado a los datos debido a una falta de verificación de capacidad al descargar envíos de formularios en todas las versiones hasta la 2.9.9.7 incluida. Esto hace posible que atacantes no autenticados vean los envíos de formularios."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"security@wordfence.com","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theinnovs:eleforms:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.9.9.8","matchCriteriaId":"688BB3AC-45D1-455F-9A7D-6D7FE148E208"}]}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/all-contact-form-integration-for-elementor/trunk/includes/export_csv.php#L14","source":"security@wordfence.com","tags":["Product"]},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3056456%40all-contact-form-integration-for-elementor%2Ftrunk&old=3021680%40all-contact-form-integration-for-elementor%2Ftrunk&sfp_email=&sfph_mail=","source":"security@wordfence.com","tags":["Patch"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6a40ed3c-1f4b-4bf7-b6f4-fc1e145cc989?source=cve","source":"security@wordfence.com","tags":["Third Party Advisory"]},{"url":"https://plugins.trac.wordpress.org/browser/all-contact-form-integration-for-elementor/trunk/includes/export_csv.php#L14","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3056456%40all-contact-form-integration-for-elementor%2Ftrunk&old=3021680%40all-contact-form-integration-for-elementor%2Ftrunk&sfp_email=&sfph_mail=","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6a40ed3c-1f4b-4bf7-b6f4-fc1e145cc989?source=cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}