CyberRota Yorumu
Saldırganın giriş yapmış olması gerekebilir.
CVE
CVE-2026-11567
Severity
UNKNOWN
CVSS
N/A
EPSS
Yok
WordPress
Orijinal NVD Açıklaması
The SureForms WordPress plugin before 2.11.1 does not properly validate the payment amount on forms that use a dynamically-sourced (variable/hidden) payment amount, allowing unauthenticated users to underpay for the configured product or subscription. Forms using a fixed configured price are not affected.