A vulnerability, which was classified as problematic, has been found in jetmonsters JetFormBuilder Plugin up to 3.5.6.2 on WordPress. This vulnerability affects the function
Uploaded_File::set_from_array. Performing a manipulation results in absolute path traversal.
This vulnerability is identified as CVE-2026-4373. The attack can be initiated remotely. There is not any exploit available.
