CVE-2026-14894: CWE-434 Unrestricted Upload of File with Dangerous Type in WebRehab Super Forms – Drag & Drop Form Builder
The Super Forms – Drag & Drop Form Builder WordPress plugin is affected by an arbitrary file upload vulnerability in all versions up to and including 6.3.313. This vulnerability arises from missing…
Read the full articleYou might also wanna read

WAF - WAF Release - 2025-09-29
This week highlights four important vendor- and component-specific issues: an authentication bypass in SimpleHelp (CVE-2024-57727), an infor

WAF - WAF Release - 2025-08-04
This week's highlight focuses on a series of significant vulnerabilities identified across widely adopted web platforms, from enterprise-gra
Critical Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Unauthenticated attackers can exploit CVE-2026-3300 in Everest Forms Pro to inject and execute arbitrary PHP via Complex Calculation, enabli

WAF - WAF Release - 2025-09-08
This week's update This week’s focus highlights newly disclosed vulnerabilities in web frameworks, enterprise applications, and widely deplo

Maximum-Severity Adobe ColdFusion Flaw Exploited Within Hours of Disclosure
A critical vulnerability (CVE-2026-48282, CVSS 10.0) was disclosed affecting Adobe ColdFusion, allowing attackers to achieve full remote cod

WAF - WAF Release - 2025-06-16
This week’s roundup highlights multiple critical vulnerabilities across popular web frameworks, plugins, and enterprise platforms. The focus

Comments
Sign in to join the conversation.
No comments yet. Be the first.