CVE-2026-1454 | themehunk Lead Form Builder & Contact Form Plugin up to 2.0.1 on WordPress lfb_lead_sanitize cross site scripting

Inserito da Angelo Barbosa | Mar 11, 2026 | CVE

A vulnerability, which was classified as problematic, was found in themehunk Lead Form Builder & Contact Form Plugin up to 2.0.1 on WordPress. Impacted is the function lfb_lead_sanitize. Such manipulation leads to cross site scripting.

This vulnerability is documented as CVE-2026-1454. The attack can be executed remotely. There is not any exploit available.

CVE-2026-1454 | themehunk Lead Form Builder & Contact Form Plugin up to 2.0.1 on WordPress lfb_lead_sanitize cross site scripting

Post correlati

CVE-2023-40106 | Google Android 11/12/12L/13/14 NotificationManagerService.java sanitizeSbn Local Privilege Escalation

CVE-2024-10570 | CleanTalk Security & Malware Scan Plugin up to 2.145 on WordPress sql injection

CVE-2024-51506 | Tiki up to 27.0 Create a Wiki Pages description cross site scripting

CVE-2024-4459 | Themesflat Addons for Elementor Plugin up to 2.1.1 on WordPress Widget Titles cross site scripting