CVE-2026-9278 | CodePeople Form Builder CP Plugin up to 1.2.46 on WordPress Configuration cross site scripting

Inserito da Angelo Barbosa | Giu 15, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in CodePeople Form Builder CP Plugin up to 1.2.46 on WordPress. Affected is an unknown function of the component Configuration Handler. Performing a manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-9278. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-9278 | CodePeople Form Builder CP Plugin up to 1.2.46 on WordPress Configuration cross site scripting

Post correlati

CVE-2023-28526 | IBM Informix Dynamic Server 12.10/14.10 archecker heap-based overflow (XFDB-251204)

CVE-2025-5650 | 1000projects Online Notice Board 1.0 /register.php fname sql injection

CVE-2026-4040 | OpenClaw up to 2026.2.17 File Existence tools.exec.safeBins information exposure (GHSA-6c9j-x93c-rw6j)

CVE-2024-55341 | Piranha CMS 11.1 Markdown /manager/pages cross site scripting