CVE-2020-13764

Published June 2nd, 2020

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

common.php in the Gravity Forms plugin before 2.4.9 for WordPress can leak hashed passwords because user_pass is not considered a special case for a $current_user->get($property) call.

wp-premium/gravityforms

🚚 Moved to https://github.com/pronamic/gravityforms.

GitHub

414