Browse all 4 CVE security advisories affecting nCrafts. AI-powered Chinese analysis, POCs, and references for each vulnerability.
nCrafts develops security testing tools and penetration testing platforms, primarily serving security professionals and organizations conducting vulnerability assessments. Historically, nCrafts products have been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. These vulnerabilities often stem from improper input validation and insecure default configurations. The company has addressed several critical security flaws, with four CVEs currently documented in public records. While no major security incidents have been widely reported, the recurring nature of these vulnerabilities suggests a need for enhanced security-by-design principles in their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-47823 | WordPress FormCraft – Contact Form Builder for WordPress plugin <= 1.2.7 - Broken Access Control vulnerability — FormCraftCWE-862 | 5.3 | Medium | 2024-12-09 |
| CVE-2024-43157 | WordPress FormCraft plugin <= 1.2.10 - Broken Access Control vulnerability — FormCraftCWE-862 | 4.3 | Medium | 2024-11-01 |
| CVE-2023-22717 | WordPress FormCraft Plugin <= 1.2.6 is vulnerable to Cross Site Scripting (XSS) — FormCraftCWE-79 | 6.5 | Medium | 2023-05-15 |
| CVE-2019-5920 | WordPress FormCraft 跨站请求伪造漏洞 — FormCraft | 8.8 | - | 2019-03-12 |
This page lists every published CVE security advisory associated with nCrafts. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.