Jetformbuilder Dynamic Blocks Form Builder
Monthly
Unauthorized wp_postmeta enumeration in JetFormBuilder (WordPress plugin, all versions through 3.6.3) allows unauthenticated remote attackers to extract arbitrary post meta values - including WooCommerce billing PII, payment tokens, and third-party plugin credentials - by exploiting a missing authorization check in the plugin's REST API generator endpoint. The flaw exists in the get_from_db generator function, which returns database values without verifying whether the requesting user is permitted to access them. No public exploit has been identified at time of analysis, but the attack is trivially executable against any site where a published JetFormBuilder form with a get_from_db field exists, as all required parameters (form ID, field name, generator ID) are discoverable by browsing the site's public forms.
Unauthorized wp_postmeta enumeration in JetFormBuilder (WordPress plugin, all versions through 3.6.3) allows unauthenticated remote attackers to extract arbitrary post meta values - including WooCommerce billing PII, payment tokens, and third-party plugin credentials - by exploiting a missing authorization check in the plugin's REST API generator endpoint. The flaw exists in the get_from_db generator function, which returns database values without verifying whether the requesting user is permitted to access them. No public exploit has been identified at time of analysis, but the attack is trivially executable against any site where a published JetFormBuilder form with a get_from_db field exists, as all required parameters (form ID, field name, generator ID) are discoverable by browsing the site's public forms.