We’re taking on a small number of new builds and rebuilds this quarter. Book a call to see if your project is a fit.

CVE CVE-2026-1753

CVE-2026-1753

WordPress

Severity: MEDIUM
CVSS: 6.8CVSS
Published: 2026-03-11
Last modified: 2026-03-11
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
CWE: CWE-639

Description

The Gutena Forms WordPress plugin before 1.6.1 does not validate option to be updated, which could allow contributors and above role to update arbitrary boolean and array options (such as users_can_register).

References

https://wpscan.com/vulnerability/c42dbab9-b729-4748-88e5-0bd2f6d66e3d/

Summary

Description

References