CVE-2026-15395
The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin is affected by CVE-2026-15395: Stored XSS via the digitalSignature field in all versions up to and including 2.4.18, caused by insufficient input sanitization and output escaping. The vulnerability allows unauthenticated attac...