{"uuid": "d5887c5c-6075-4890-ba57-53a357f05928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14894", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mqf2l3jcd325", "content": "\ud83d\udd34 EXPLOITED\n\nA critical flaw in the Super Forms WordPress plugin lets a stranger upload a file and run code on your site, no login needed.\n\nA public exploit is already circulating.\n\nAffects every version up to 6.3.313. Fix: update to 6.3.314. (CVE-2026-14894)", "creation_timestamp": "2026-07-11T16:13:10.343724Z"}