Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/02/15 7:10 a.m.11 views

CVE-2026-2022

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednaosmartformsgetcampaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS5.5AI score0.00252EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/14 6:42 a.m.4 views

CVE-2026-2022 Smart Forms <= 2.6.99 - Missing Authorization to Authenticated (Subscriber+) Campaign Data Exposure

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednaosmartformsgetcampaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS5.5AI score0.00252EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/14 6:42 a.m.27 views

CVE-2026-2022 Smart Forms <= 2.6.99 - Missing Authorization to Authenticated (Subscriber+) Campaign Data Exposure

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednaosmartformsgetcampaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00252EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/14 12:0 a.m.8 views

PT-2026-8088

The Smart Forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'rednao smart forms get campaigns' AJAX action in all versions up to, and including, 2.6.99. This makes it possible for authenticated attackers, with Subscriber-level access...

4.3CVSS5.5AI score0.00252EPSS
Exploits0References4
Rows per page
Query Builder