23 matches found
CVE-2026-12997
Summary of CVE-2026-12997 : The Gravity Forms plugin for WordPress is vulnerable to a Directory Traversal flaw in all versions up to and including 2.10.4, exploitable via the gform_uploaded_files parameter. An unauthenticated attacker can read arbitrary server files containing sensitive informati...
EUVD-2026-44761
The Gravity Forms plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.10.4 via the 'gformuploadedfiles' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain...
CVE-2026-12583
The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...
EUVD-2026-43627
The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...
CVE-2026-12583 Newsletters < 4.15 - Unauthenticated PHP Object Injection via Subscriber Custom Field
The Newsletters WordPress plugin before 4.15 does not prevent deserialization of untrusted input that is stored through a public form, allowing unauthenticated attackers to inject a PHP object and, via a property-oriented gadget chain bundled with the Newsletters WordPress plugin before 4.15, wri...
CVE-2026-11794
The Advanced Form Integration — Connect Forms to 200+ Apps WordPress plugin before 2.1.1 does not restrict the WordPress role assigned when it creates a user from a public form submission, allowing unauthenticated visitors to create an administrator account when an active integration maps the use...
CVE-2026-11794 Advanced Form Integration < 2.1.1 - Unauthenticated Privilege Escalation via Breakdance Form Role Mapping
The Advanced Form Integration — Connect Forms to 200+ Apps WordPress plugin before 2.1.1 does not restrict the WordPress role assigned when it creates a user from a public form submission, allowing unauthenticated visitors to create an administrator account when an active integration maps the use...
CVE-2026-11395
The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pullthetrigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...
CVE-2026-11395 CF7 to Webhook <= 5.0.0 - Unauthenticated Server-Side Request Forgery via CF7 Field Placeholder in Webhook URL Host
The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pullthetrigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...
CVE-2026-11395
CVE-2026-11395 : The CF7 to Webhook plugin for WordPress is vulnerable to unauthenticated Server-Side Request Forgery through the pull_the_trigger path, affecting all versions up to and including 5.0.0. Exploitation requires the admin-configured webhook URL to contain a Contact Form 7 field place...
PT-2026-47085
Name of the Vulnerable Software and Affected Versions NocoDB versions prior to 2026.05.1 Description The shared form-view submit handler in packages/nc-gui/composables/useSharedFormViewStore.ts fails to validate the URL scheme when writing the redirect url to window.location.href. While a same-ho...
EUVD-2026-30587
Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...
PT-2026-41352
Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a database id without verifying that the requesting user was a collaborator on that...
EUVD-2026-11032
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.11.1. This is due to the plugin trusting the mc4wpaction POST parameter without validation, allowing unauthenticated attackers to force the form to process...
EUVD-2026-11031
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.11.1. This is due to the plugin trusting the mc4wpaction POST parameter without validation, allowing unauthenticated attackers to force the form to process...
CVE-2026-1781 MC4WP: Mailchimp for WordPress <= 4.11.1 - Missing Authorization to Unauthenticated Arbitrary Subscription Deletion
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.11.1. This is due to the plugin trusting the mc4wpaction POST parameter without validation, allowing unauthenticated attackers to force the form to process...
CVE-2026-1781 MC4WP: Mailchimp for WordPress <= 4.11.1 - Missing Authorization to Unauthenticated Arbitrary Subscription Deletion
The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 4.11.1. This is due to the plugin trusting the mc4wpaction POST parameter without validation, allowing unauthenticated attackers to force the form to process...
CVE-2026-2365
The Fluent Forms Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the fluentformstepformsavedata AJAX action in all versions up to, and including, 6.1.17. This is due to the draft form submission endpoint being publicly accessible without authentication or nonce...
CVE-2026-2471
The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the BaseModel class constructor calling maybeunserialize on all properties retrieved...
PT-2026-1634
Name of the Vulnerable Software and Affected Versions The Awesome Hotel Booking plugin for WordPress versions prior to 1.1 Description The plugin has a flaw allowing unauthorized data modification. This is due to insufficient authorization checks in the room-single.php shortcode handler,...