CVE-2026-4987 | brainstormforce SureForms Plugin up to 2.5.2 on WordPress Setting create_payment_intent form_id improper authentication

Inserito da Angelo Barbosa | Mar 28, 2026 | CVE

A vulnerability was found in brainstormforce SureForms Plugin up to 2.5.2 on WordPress. It has been rated as critical. Affected is the function create_payment_intent of the component Setting Handler. This manipulation of the argument form_id causes improper authentication.

This vulnerability is tracked as CVE-2026-4987. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-4987 | brainstormforce SureForms Plugin up to 2.5.2 on WordPress Setting create_payment_intent form_id improper authentication

Post correlati

CVE-2024-39143 | ResidenceCMS 2.10.1 cross site scripting

CVE-2024-39484 | Linux Kernel up to 6.1.94/6.6.33/6.9.4 davinci Privilege Escalation

CVE-2024-9038 | Codezips Online Shopping Portal 1.0 insert-product.php productimage1/productimage2/productimage3 unrestricted upload

CVE-2023-41542 | jeecg-boot 3.5.3 jmreport/qurestSql sql injection