CVE-2026-5111 | Gravity Forms Plugin up to 2.10.0 on WordPress Product Name validate cross site scripting

Inserito da Angelo Barbosa | Mag 2, 2026 | CVE

A vulnerability, which was classified as problematic, was found in Gravity Forms Plugin up to 2.10.0 on WordPress. Affected is the function validate of the component Product Name Handler. The manipulation results in cross site scripting.

This vulnerability is known as CVE-2026-5111. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-5111 | Gravity Forms Plugin up to 2.10.0 on WordPress Product Name validate cross site scripting

Post correlati

CVE-2023-49433 | Tenda AX9 22.03.01.46 SetVirtualServerCfg list stack-based overflow

CVE-2025-38512 | Linux Kernel up to 6.1.145/6.6.98/6.12.38/6.15.6 mac80211_hwsim privilege escalation

CVE-2024-47322 | Ex-Themes WP Timeline Plugin up to 3.6.7 on WordPress cross site scripting

CVE-2025-26169 | IXON VPN Client up to 1.4.3 on Windows Configuration File permission assignment