cvedb.io
CVE-2023-0816
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2023-03-27T16:15:09.277 · Last modified 2026-06-17T05:26:22.410

Summary

The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections.

Affected products

strategy11 — formidable_form_builder

Does this affect you?

Add your gear to cvedb and we'll alert you only when strategy11 ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.