Lucene search
+L

4 matches found

NVD
NVD
added 15 hours ago6 views

CVE-2026-14956

The Bricksforge plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.1.8.6. This is due to improper validation of the fieldIds parameter in the Pro Forms registration action, which allows attacker-supplied field IDs to be added to the trusted form-fie...

9.8CVSS
Exploits0References2
EUVD
EUVD
added 16 hours ago4 views

EUVD-2026-45123

The Bricksforge plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.1.8.6. This is due to improper validation of the fieldIds parameter in the Pro Forms registration action, which allows attacker-supplied field IDs to be added to the trusted form-fie...

9.8CVSS5.9AI score
Exploits0References2
CVE
CVE
added 16 hours ago12 views

CVE-2026-14956

The Bricksforge WordPress plugin is affected up to version 3.1.8.6, with a vulnerability in the Pro Forms registration action. The root cause is improper validation of the fieldIds parameter, allowing attacker-supplied field IDs to be added to the trusted form-field whitelist. This enables unauth...

9.8CVSS5.9AI score
Exploits0References2
Cvelist
Cvelist
added 2026/07/02 9:32 a.m.37 views

CVE-2026-9145 Database for Contact Form 7, WPforms, Elementor forms <= 1.5.1 - Unauthenticated Arbitrary File Copy/Upload via Elementor Pro Form Upload Field 'raw_value'

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to Arbitrary File Copy via the createentryel function in versions up to, and including, 1.5.1. The function reads rawvalue from Elementor Pro's FormRecord object for upload-type fields and passes it...

6.5CVSS0.00372EPSS
Exploits0References5
Rows per page
Query Builder