CVE-2026-32484 WordPress weForms plugin <= 1.6.26 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through = 1.6.26...

CVE-2025-69028 WordPress weForms plugin <= 1.6.25 - Broken Access Control vulnerability

Missing Authorization vulnerability in BoldGrid weForms weforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weForms: from n/a through = 1.6.25...

WordPress weForms Plugin <= 1.6.21 is vulnerable to Cross Site Scripting (XSS)

Software weForms Type Plugin Vulnerable versions = 1.6.21 Fixed in 1.6.22 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0386 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID db1e50c55827 Credits drop Required privilege...

WordPress weForms Plugin <= 1.6.18 is vulnerable to Broken Access Control

Software weForms Type Plugin Vulnerable versions = 1.6.18 Fixed in 1.6.19 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-51524 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e12fa215be85 Credits emad Required privilege Subscriber...