CVE-2026-15288: CWE-20 Improper Input Validation in brainstormforce SureForms – Drag & Drop Contact Form & Form Builder, Payment Form, Survey, Quiz & Calculator
SureForms – Drag and Drop Form Builder for WordPress versions up to and including 2.2.1 contains an improper input validation vulnerability. The plugin accepts payment amounts directly from…
Read the full articleYou might also wanna read
PBKDF2 JS Lib: Improper Input Validation Vulnerability
Article URL: Comments URL: Points: 3 # Comments: 1

CVE-2026-11462: Improper Authorization Vulnerability in BeikeShop Stripe Plugin (Up to v1.6.0.22)
A vulnerability was found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22. This impacts the function callback of the file p
Supply Chain Attack Compromises Official GravityForms Plugin Repository
Update 7-12-2025 06:00 UTC: We have observed some activity in regard to one of the backdoors that involves a gf_api_token parameter. The IP

WAF - WAF Release - 2025-09-29
This week highlights four important vendor- and component-specific issues: an authentication bypass in SimpleHelp (CVE-2024-57727), an infor
Critical Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Unauthenticated attackers can exploit CVE-2026-3300 in Everest Forms Pro to inject and execute arbitrary PHP via Complex Calculation, enabli
Technical Analysis of CVE-2025-10035: A CVSS 10.0 Vulnerability in Fortra GoAnywhere MFT
File transfer used to be simple fun - fire up your favourite FTP client, log in to a glFTPd site, and you were done. Fast forward to 2025, a
labs.watchtowr.com·9mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.