CVE-2026-11579: CWE-434 Unrestricted Upload of File with Dangerous Type in Kali Forms — Contact Form & Drag-and-Drop Builder
Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin versions before 2.4.17 allow unauthenticated users to upload files to the WordPress Media Library without verifying that the upload…
Read the full article2d agoen
You might also wanna read
CVE-2026-15094: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in thimpress WP Hotel Booking
radar.offseq.com·40m ago
CVE-2026-60060: Improper handling of length parameter inconsistency in TeraTerm Project TTSSH2
radar.offseq.com·1h ago
CVE-2026-14503: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in ploudapp pCloud WP Backup
radar.offseq.com·1h ago
CVE-2026-15161: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in SaturdayDrive Ninja Forms - Excel Export
radar.offseq.com·1h ago
CVE-2026-15349: CWE-862 Missing Authorization in wedevs ERP: Complete HR, Accounting & CRM Suite Built for WooCommerce
radar.offseq.com·1h ago
CVE-2026-15457: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in themeum Kirki – Freeform Page Builder, Website Builder & Customizer
radar.offseq.com·1h ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.