CVE-2026-5524
The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to Remote Code Execution in all versions up to and including 5.1.8. This is due to insufficient file extension validation in the doimageupload function where user-supplied input from the acceptFileTypes POST...