{"uuid": "4fddce9c-879b-4097-b99e-5bd448697048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mootjayro42t", "content": "A WordPress form-entries plugin on 70,000+ sites has an unauthenticated file deletion bug (CVE-2026-9843, CVSS 8.1). A stranger plants it, an admin click fires it, and the site can be fully taken over. Patch to 1.5.2.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-20T02:43:07.093283Z"}