CyberRota
← Ana sayfaya dön

CVE-2026-4986

MEDIUM · CVSS 5.3 EPSS %0.20

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-09T06:16:53.797 · Çekilme zamanı: 2026-06-30T12:13:36.867308+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-4986
Severity
MEDIUM
CVSS
5.3
EPSS
%0.20
WordPress

Orijinal NVD Açıklaması

The WPForms WordPress plugin before 1.10.0.5 does not verify the authenticity of incoming PayPal webhook events before processing them, allowing unauthenticated attackers to forge webhook payloads and manipulate the payment state of arbitrary transactions.