cleantalk
Vulnerabilities and Security Researches

weForms – Easy Drag & Drop Contact Form Builder For WordPress, CVE-2026-32484

CVE, Research URL

CVE-2026-32484

Home page URL

Security reports for weForms – Easy Drag & Drop Contact Form Builder For WordPress

Application

weForms – Easy Drag & Drop Contact Form Builder For WordPress

Published on
Mar 25, 2026
Research Description
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
Affected versions
max 1.6.26.
Status
vulnerable
Previous vulnerability researches
weForms &#8211; Easy Drag &amp; Drop Contact Form Builder For WordPress (CVE-2023-51524) , Jun 10, 2024
weForms &#8211; Easy Drag &amp; Drop Contact Form Builder For WordPress (CVE-2026-32484) , Mar 29, 2026
weForms &#8211; Easy Drag &amp; Drop Contact Form Builder For WordPress (CVE-2025-69028) , Jan 10, 2026
weForms &#8211; Easy Drag &amp; Drop Contact Form Builder For WordPress (CVE-2024-32512) , Jun 06, 2024
weForms &#8211; Easy Drag &amp; Drop Contact Form Builder For WordPress (CVE-2024-0386) , Jun 06, 2024
New vulnerability
BackWPup &#8211; WordPress Backup Plugin (CVE-2025-15041) , Mar 29, 2026
hCaptcha for WordPress (CVE-2026-25315) , Mar 29, 2026
Breeze &#8211; WordPress Cache Plugin (CVE-2025-13864) , Mar 29, 2026
SMTP Mailer (CVE-2026-32538) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25362) , Mar 29, 2026