CVE-2026-3359 | 10web Form Maker Plugin up to 1.15.42 on WordPress inputs sql injection

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in 10web Form Maker Plugin up to 1.15.42 on WordPress and classified as critical. Affected by this issue is some unknown functionality. Executing a manipulation of the argument inputs can lead to sql injection.

This vulnerability is registered as CVE-2026-3359. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-3359 | 10web Form Maker Plugin up to 1.15.42 on WordPress inputs sql injection

Post correlati

CVE-2024-29191 | AlexxIT go2rtc up to 1.8.5 GET Parameter links.html src cross site scripting (GHSL-2023-205)

CVE-2024-40087 | Vilo Mesh WiFi System up to 5.16.1.33 TCP Service Port 5432 Remote Code Execution

CVE-2024-20327 | Cisco IOS XR on ASR 9000 PPPoE denial of service (cisco-sa-iosxr-pppma-JKWFgneW)

CVE-2025-23227 | IBM Tivoli Application Dependency Discovery Manager up to 7.3.0.11 Web UI cross site scripting