CVE Alert & Security Feed

Stats Digest Feeds

← Back to all CVEs

CVE-2026-39502

CRITICAL NVD

CVSS Score 9.3

Severity CRITICAL

Published Jun 15, 2026

Vendor unknown

Description

Unauthenticated SQL Injection in Form Maker by 10Web <= 1.15.38 versions.

References

https://patchstack.com/database/wordpress/plugin/form-maker/vulnerability/wordpress-form-maker-by-10web-plugin-1-15-38-sql-injection-vulnerability?_s_id=cve