Tag

#WordPress

Understanding Insufficient Verification of Data Authenticity: The CVE-2026-7792 Vulnerability

The WPForms plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity, allowing unauthenticated attackers to forge PayPal webhook events and modify subscription payment records. This vulnerability has a severity score of 5.3 and affects versions up to and including 1.10.0.1. Understanding this vulnerability can help users take necessary precautions to protect their websites.

Jun 8, 20261 source

newsMEDIUM 5.3

WordPress Breeze Plugin Vulnerability Exposes Sensitive Information

The Breeze plugin for WordPress is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in all versions up to, and including, 2.5.2.

May 31, 20261 source