CVE-2026-32332

CVE-2026-32332 affects the WordPress WordPress Easy Form plugin up to version 2.7.9. The issue is a Missing Authorization vulnerability stemming from incorrectly configured access control in Easy Form, potentially allowing unauthorized access to certain features due to insufficient authorization ...

CVE-2025-66117 WordPress Easy Form plugin <= 2.7.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Easy Form easy-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Form: from n/a through = 2.7.8...

CVE-2025-27285

CVE-2025-27285 is a reflected XSS in WordPress plugin Easy Form by AYS, caused by improper input neutralization during web page generation. Affected: Easy Form by AYS (versions n/a–2.6.9). Impact per sources: potential user-facing cross-site scripting with HIGH severities (CVSS v3.1 ~7.1). Mitiga...

WordPress Easy Form Builder Plugin <= 3.7.4 is vulnerable to SQL Injection

Software Easy Form Builder Type Plugin Vulnerable versions = 3.7.4 Fixed in 3.7.5 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-30535 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID f429d841104c Credits LVT-tholv2k Required privilege Contributor...