平台
wordpress
组件
form-maker
修复版本
1.15.39
CVE-2026-39502 represents a SQL Injection vulnerability discovered in the Form Maker by 10Web WordPress plugin. This flaw allows unauthenticated attackers to inject malicious SQL queries, potentially leading to unauthorized access and extraction of sensitive data from the database. The vulnerability affects versions of the plugin up to and including 1.15.38. A patch is available in version 1.15.39.
漏洞利用状态
CVSS 向量
Update to version 1.15.39, or a newer patched version
漏洞分析和关键警报直接发送到您的邮箱。
CVE-2026-39502 is a SQL Injection vulnerability in the Form Maker by 10Web WordPress plugin. It allows attackers to inject SQL code into database queries, potentially stealing sensitive information.
You are affected if you are using Form Maker by 10Web WordPress plugin version 1.15.38 or earlier. It is crucial to check your plugin version and update immediately if vulnerable.
The vulnerability is fixed in version 1.15.39 of the Form Maker by 10Web plugin. Update your plugin to this version or later to mitigate the risk.
上传你的依赖文件,立即了解此CVE和其他CVE是否影响你。