CVE-2026-42742

The CVE-2026-42742 entry concerns the WordPress plugin Views for WPForms Lite (Views for WPForms, plugin) with an SQL Injection vulnerability. Affected version range is Views for WPForms: from n/a through

WordPress Views for WPForms plugin <= 3.2.2 - Cross-Site Request Forgery via create_view vulnerability

Cross-Site Request Forgery via createview vulnerability discovered by Francesco Carlucci in WordPress Plugin Views for WPForms versions = 3.2.2...

WordPress Views for WPForms plugin <= 3.2.2 - Missing Authorization via get_form_fields vulnerability

Missing Authorization via getformfields vulnerability discovered by Francesco Carlucci in WordPress Plugin Views for WPForms versions = 3.2.2...