8 matches found
CVE-2026-32409
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through = 1.50.2...
CVE-2026-32409
CVE-2026-32409 concerns the WordPress Forminator plugin (WPMU DEV) up to version 1.50.2, described as a Broken Access Control vulnerability caused by incorrectly configured access security levels. The issue is characterized as a missing authorization vulnerability that could allow unauthorized ac...
CVE-2026-32409 WordPress Forminator plugin <= 1.50.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Forminator forminator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Forminator: from n/a through = 1.50.2...
CVE-2026-2002
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the formname parameter in all versions up to, and including, 1.50.2 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2002 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.50.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the formname parameter in all versions up to, and including, 1.50.2 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2002
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the formname parameter in all versions up to, and including, 1.50.2 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-2002 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.50.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the formname parameter in all versions up to, and including, 1.50.2 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin <= 1.50.2 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin = 1.50.2 - Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Tiến Dũng Nguyễn in WordPress Plugin Forminator versions = 1.50.2...