Plataforma
wordpress
Componente
form-maker
Corrigido em
1.15.39
CVE-2026-39502 represents a SQL Injection vulnerability discovered in the Form Maker by 10Web WordPress plugin. This flaw allows unauthenticated attackers to inject malicious SQL queries, potentially leading to unauthorized access and extraction of sensitive data from the database. The vulnerability affects versions of the plugin up to and including 1.15.38. A patch is available in version 1.15.39.
Status do Exploit
Vetor CVSS
Atualize para a versão 1.15.39, ou uma versão corrigida mais recente
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2026-39502 is a SQL Injection vulnerability in the Form Maker by 10Web WordPress plugin. It allows attackers to inject SQL code into database queries, potentially stealing sensitive information.
You are affected if you are using Form Maker by 10Web WordPress plugin version 1.15.38 or earlier. It is crucial to check your plugin version and update immediately if vulnerable.
The vulnerability is fixed in version 1.15.39 of the Form Maker by 10Web plugin. Update your plugin to this version or later to mitigate the risk.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.