cleantalk
Vulnerabilities and Security Researches

Easy Form Builder, CVE-2026-42747

CVE, Research URL

CVE-2026-42747

Home page URL

Security reports for Easy Form Builder

Application

Easy Form Builder

Published on
May 27, 2026
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through <= 4.0.6.
Affected versions
max 4.0.6.
Status
vulnerable
Previous vulnerability researches
GoStats for WordPress (CVE-2026-8943) , May 29, 2026
New vulnerability
Disable Comments for Any Post Types (Remove comments) (CVE-2026-42749) , May 29, 2026
Rank Math SEO with AI SEO Tools (CVE-2025-12714) , May 29, 2026
WP Contact Form 7 DB Handler (CVE-2026-6455) , May 29, 2026
Duplicate Page and Post (CVE-2026-49046) , May 29, 2026
a3 Lazy Load (CVE-2026-6427) , May 29, 2026