CVE-2026-48866

🗓️ 01 Jun 2026 14:39:47Reported by PatchstackType

cve🔗 web.nvd.nist.gov👁 42 Views🌐 WEB

WordPress Gravity Forms plugin up to version 2.10.0.1 allows path traversal and file deletion.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2026-48866	5 Jun 202614:00	–	circl
CNNVD	WordPress plugin Gravity Forms 路径遍历漏洞	1 Jun 202600:00	–	cnnvd
Cvelist	CVE-2026-48866 WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability	1 Jun 202614:39	–	cvelist
GithubExploit	Exploit for CVE-2026-48866	5 Jun 202613:38	–	githubexploit
EUVD	EUVD-2026-33650	1 Jun 202614:39	–	euvd
NVD	CVE-2026-48866	1 Jun 202615:16	–	nvd
Packet Storm	📄 WordPress Gravity Forms 2.10.0.1 File Deletion / Path Traversal	12 Jun 202600:00	–	packetstorm
Patchstack	WordPress Gravity Forms plugin <= 2.10.0.1 - Arbitrary File Deletion vulnerability	1 Jun 202613:42	–	patchstack
Positive Technologies	PT-2026-45440	1 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-48866	5 Jun 202619:13	–	redhatcve

Vulners

Node

rocketgenius_inc.gravity_formsRange≤2.10.0.1wordpress

[
  {
    "vendor": "Rocketgenius Inc.",
    "product": "Gravity Forms",
    "versions": [
      {
        "status": "affected",
        "version": "n/a",
        "lessThanOrEqual": "2.10.0.1",
        "changes": [
          {
            "at": "2.10.1",
            "status": "unaffected"
          }
        ],
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
patchstack	www.patchstack.com/database/wordpress/plugin/gravityforms/vulnerability/wordpress-gravity-forms-plugin-2-10-0-1-arbitrary-file-deletion-vulnerability

Parameter	Position	Path	Description	CWE
is_submit_1	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_submit	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_unique_id	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_uploaded_files	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_target_page_number_1	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_source_page_number_1	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_field_values	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
action	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22
gform_ajax_nonce	request body	wp-admin/admin-ajax.php	Gravity Forms path traversal payload submitted via admin-ajax.php for form submission (gform_uploaded_files) enabling traversal outside the uploads directory.	CWE-22

17 Jun 2026 10:55Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.19.6

EPSS0.005

SSVC

CWE-22