CyberRota
← Ana sayfaya dön

CVE-2026-1239

HIGH · CVSS 7.5 EPSS %0.26

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-01T07:16:22.983 · Çekilme zamanı: 2026-07-01T18:36:36.113299+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-1239
Severity
HIGH
CVSS
7.5
EPSS
%0.26
WordPress

Orijinal NVD Açıklaması

The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the 'ninja-forms-views/token/refresh' REST callback in all versions up to, and including, 3.14.1. This makes it possible for unauthenticated attackers to view form submissions, which could potentially contain sensitive information.