CyberRota
← Ana sayfaya dön

CVE-2026-12557

MEDIUM · CVSS 5.3

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-07-03T06:16:21.207 · Çekilme zamanı: 2026-07-03T12:08:35.242309+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-12557
Severity
MEDIUM
CVSS
5.3
EPSS
Yok
WordPress

Orijinal NVD Açıklaması

The Ninja Forms - File Uploads plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.3.29. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to read all plugin debug log entries stored in the wp_nf3_log table or permanently delete all rows from that table.