CVE Alert & Security Feed

Stats Digest Feeds

← Back to all CVEs

CVE-2026-39594

MEDIUM NVD

CVSS Score 6.4

Severity MEDIUM

Published Jun 15, 2026

Vendor unknown

Description

Subscriber Broken Access Control in Ultra Addons for WPForms <= 1.0.11 versions.

References

https://patchstack.com/database/wordpress/plugin/ultra-addons-for-wpforms/vulnerability/wordpress-ultra-addons-for-wpforms-plugin-1-0-11-broken-access-control-vulnerability?_s_id=cve