cleantalk
Vulnerabilities and Security Researches

Easy Form Builder, CVE-2026-42747

CVE, Research URL

CVE-2026-42747

Home page URL

Security reports for Easy Form Builder

Application

Easy Form Builder

Published on
May 27, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through <= 4.0.6.
Affected versions
max 4.0.6.
Status
vulnerable
Previous vulnerability researches
Admin Menu Editor (CVE-2024-24876) , Jun 06, 2024
Admin Menu Editor (CVE-2026-32456) , Mar 29, 2026
Admin Menu Editor (CVE-2025-9493) , Sep 07, 2025
New vulnerability
Duplicate Page and Post (CVE-2026-49046) , May 29, 2026
a3 Lazy Load (CVE-2026-6427) , May 29, 2026
Advanced Custom Fields: Extended (CVE-2026-8809) , May 29, 2026
Master Slider &#8211; Responsive Touch Slider (CVE-2026-48968) , May 29, 2026
Easy Form Builder (CVE-2026-42747) , May 29, 2026