cleantalk
Vulnerabilities and Security Researches

Contact Form by WPForms – Drag & Drop Form Builder for WordPress, CVE-2026-48835

CVE, Research URL

CVE-2026-48835

Home page URL

Security reports for Contact Form by WPForms – Drag & Drop Form Builder for WordPress

Application

Contact Form by WPForms – Drag & Drop Form Builder for WordPress

Published on
-
Research Description
WPForms &#8211; Easy Form Builder for WordPress &#8211; Contact Forms, Payment Forms, Surveys, &amp; More [wpforms-lite] < 1.10.0.5 CVE-2026-48835
Affected versions
max 1.10.0.5.
Status
vulnerable
Previous vulnerability researches
Views for WPForms &#8211; Display &amp; Edit WPForms Entries on your site frontend (CVE-2024-0371) , Jun 07, 2024
Views for WPForms &#8211; Display &amp; Edit WPForms Entries on your site frontend (CVE-2024-0374) , Jun 07, 2024
Views for WPForms &#8211; Display &amp; Edit WPForms Entries on your site frontend (CVE-2024-0372) , Jun 07, 2024
Views for WPForms &#8211; Display &amp; Edit WPForms Entries on your site frontend (CVE-2024-0370) , Jun 07, 2024
Views for WPForms &#8211; Display &amp; Edit WPForms Entries on your site frontend (CVE-2024-0373) , Jun 07, 2024
New vulnerability
Kirki Customizer Framework (CVE-2026-8206) , Jun 03, 2026
POST SMTP &#8211; The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications (CVE-2026-48838) , Jun 02, 2026
Contact Form by WPForms – Drag & Drop Form Builder for WordPress (CVE-2026-48835) , Jun 02, 2026
User Registration &#8211; Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2026-25425) , Jun 02, 2026
Accept Stripe Payments (CVE-2026-42752) , Jun 02, 2026