8 matches found
CVE-2026-26188
Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are...
CVE-2026-26188
Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are...
CVE-2026-26188
The vulnerability CVE-2026-26188 affects Solspace Freeform plugin for Craft CMS 5.x. An authenticated, low-privilege user who can create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel builder and integrations views. User-controlled form labels and integration metadata are re...
CVE-2026-26188 Solspace Freeform plugin affected by Stored Cross-Site Scripting (XSS) in Freeform Craft Plugin CP UI (builder/integrations)
Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are...
CVE-2026-26188 Solspace Freeform plugin affected by Stored Cross-Site Scripting (XSS) in Freeform Craft Plugin CP UI (builder/integrations)
Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are...
CVE-2026-26188 Solspace Freeform plugin affected by Stored Cross-Site Scripting (XSS) in Freeform Craft Plugin CP UI (builder/integrations)
Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are...
PT-2026-7943
Name of the Vulnerable Software and Affected Versions Solspace Freeform plugin for Craft CMS versions 5.0 through 5.14.6 Description A low-privilege authenticated user with form creation/editing permissions can inject arbitrary HTML and JavaScript code into the Craft Control Panel builder and...
Solspace Freeform plugin for Craft CMS 安全漏洞
Solspace Freeform plugin for Craft CMS is an open source plugin from Solspace. A security vulnerability exists in Solspace Freeform plugin for Craft CMS versions prior to 5.0.0 through 5.10.16, which stems from server-side template injection and could lead to arbitrary code execution...