CVE-2026-7798 | techjewel FluentCRM Plugin up to 2.9.87 on WordPress _fc_bounce_key SubscribeURL server-side request forgery

Inserito da Angelo Barbosa | Mag 22, 2026 | CVE

A vulnerability described as critical has been identified in techjewel FluentCRM Plugin up to 2.9.87 on WordPress. The impacted element is the function _fc_bounce_key. Such manipulation of the argument SubscribeURL leads to server-side request forgery.

This vulnerability is traded as CVE-2026-7798. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-7798 | techjewel FluentCRM Plugin up to 2.9.87 on WordPress _fc_bounce_key SubscribeURL server-side request forgery

Post correlati

CVE-2024-41170 | Siemens Tecnomatix Plant Simulation prior 2302.0015/2404.0004 SPP File stack-based overflow (ssa-427715)

CVE-2024-5092 | Elegant Addons for Elementor Plugin up to 1.0.8 on WordPress cross site scripting

CVE-2024-42619 | Pligg CMS 2.0.2 domain_management.php cross-site request forgery

CVE-2024-30052 | Microsoft Visual Studio protection mechanism