2 matches found
CVE-2026-7798
creationtimestamp| type| source ---|---|--- 2026-05-22 13:02:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgylmkdyf2e...
CVE-2026-7798
The CVE-2026-7798 entry concerns the FluentCRM WordPress plugin (versions up to and including 2.9.87). A Blind Server-Side Request Forgery exists via the SubscribeURL parameter, enabling unauthenticated actors to make web requests from the application to internal/internal-facing targets and poten...