Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 23 Jun 2026 11:46:24 +0000 4fddce9c-879b-4097-b99e-5bd448697048 https://vulnerability.circl.lu/sighting/4fddce9c-879b-4097-b99e-5bd448697048/export {"uuid": "4fddce9c-879b-4097-b99e-5bd448697048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mootjayro42t", "content": "A WordPress form-entries plugin on 70,000+ sites has an unauthenticated file deletion bug (CVE-2026-9843, CVSS 8.1). A stranger plants it, an admin click fires it, and the site can be fully taken over. Patch to 1.5.2.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-20T02:43:07.093283Z"} {"uuid": "4fddce9c-879b-4097-b99e-5bd448697048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/suriq.io/post/3mootjayro42t", "content": "A WordPress form-entries plugin on 70,000+ sites has an unauthenticated file deletion bug (CVE-2026-9843, CVSS 8.1). A stranger plants it, an admin click fires it, and the site can be fully taken over. Patch to 1.5.2.\n\n#CVE #infosec #cybersecurity", "creation_timestamp": "2026-06-20T02:43:07.093283Z"} https://vulnerability.circl.lu/sighting/4fddce9c-879b-4097-b99e-5bd448697048/export Sat, 20 Jun 2026 02:43:07 +0000 0e3dedc3-3ea6-49cc-bd1c-6ff550611d2a https://vulnerability.circl.lu/sighting/0e3dedc3-3ea6-49cc-bd1c-6ff550611d2a/export {"uuid": "0e3dedc3-3ea6-49cc-bd1c-6ff550611d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mop5nox22k23", "content": "CVE-2026-9843 - Database for Contact Form 7, WPforms, Elementor forms\nCVE ID : CVE-2026-9843\n \n Published : June 20, 2026, 1:27 a.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to arbit...", "creation_timestamp": "2026-06-20T05:44:32.998606Z"} {"uuid": "0e3dedc3-3ea6-49cc-bd1c-6ff550611d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mop5nox22k23", "content": "CVE-2026-9843 - Database for Contact Form 7, WPforms, Elementor forms\nCVE ID : CVE-2026-9843\n \n Published : June 20, 2026, 1:27 a.m. | 2\u00a0hours, 15\u00a0minutes ago\n \n Description : The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to arbit...", "creation_timestamp": "2026-06-20T05:44:32.998606Z"} https://vulnerability.circl.lu/sighting/0e3dedc3-3ea6-49cc-bd1c-6ff550611d2a/export Sat, 20 Jun 2026 05:44:32 +0000 2a538d0d-013a-49ea-8366-8507f06df9c1 https://vulnerability.circl.lu/sighting/2a538d0d-013a-49ea-8366-8507f06df9c1/export {"uuid": "2a538d0d-013a-49ea-8366-8507f06df9c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9843", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mopim3in4r2e", "content": "HIGH severity path traversal in crmperks Database for Contact Form 7, WPforms, Elementor forms (\u22641.5.1) enables unauthenticated file deletion. Restrict admin access and avoid untrusted form entries until patched. https://radar.offseq.com/threat/cve-2026-9843-cwe-22-improper-limitation-of-a-path-a...", "creation_timestamp": "2026-06-20T09:00:30.437176Z"} {"uuid": "2a538d0d-013a-49ea-8366-8507f06df9c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9843", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mopim3in4r2e", "content": "HIGH severity path traversal in crmperks Database for Contact Form 7, WPforms, Elementor forms (\u22641.5.1) enables unauthenticated file deletion. Restrict admin access and avoid untrusted form entries until patched. https://radar.offseq.com/threat/cve-2026-9843-cwe-22-improper-limitation-of-a-path-a...", "creation_timestamp": "2026-06-20T09:00:30.437176Z"} https://vulnerability.circl.lu/sighting/2a538d0d-013a-49ea-8366-8507f06df9c1/export Sat, 20 Jun 2026 09:00:30 +0000 234d13cc-accb-481c-99a3-a1724598ed3d https://vulnerability.circl.lu/sighting/234d13cc-accb-481c-99a3-a1724598ed3d/export {"uuid": "234d13cc-accb-481c-99a3-a1724598ed3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9843", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116781614893343773", "content": "CVE-2026-9843: HIGH severity (CVSS 8.1) path traversal in crmperks Database for Contact Form 7, WPforms, Elementor forms (\u22641.5.1). Unauthenticated file deletion possible if admin interacts with malicious entries. Restrict access, monitor logs. https://radar.offseq.com/threat/cve-2026-9843-cwe-22-improper-limitation-of-a-path-a3dfc4d21233784d #OffSeq #WordPress #CVE20269843 #BlueTeam", "creation_timestamp": "2026-06-20T09:00:34.825121Z"} {"uuid": "234d13cc-accb-481c-99a3-a1724598ed3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-9843", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116781614893343773", "content": "CVE-2026-9843: HIGH severity (CVSS 8.1) path traversal in crmperks Database for Contact Form 7, WPforms, Elementor forms (\u22641.5.1). Unauthenticated file deletion possible if admin interacts with malicious entries. Restrict access, monitor logs. https://radar.offseq.com/threat/cve-2026-9843-cwe-22-improper-limitation-of-a-path-a3dfc4d21233784d #OffSeq #WordPress #CVE20269843 #BlueTeam", "creation_timestamp": "2026-06-20T09:00:34.825121Z"} https://vulnerability.circl.lu/sighting/234d13cc-accb-481c-99a3-a1724598ed3d/export Sat, 20 Jun 2026 09:00:34 +0000 683bc112-1b96-41a0-8eb8-a9ad61740604 https://vulnerability.circl.lu/sighting/683bc112-1b96-41a0-8eb8-a9ad61740604/export {"uuid": "683bc112-1b96-41a0-8eb8-a9ad61740604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116784901089180488", "content": "Some increased actor activities are shown targeting crmperks Database for Contact Form 7, WPforms, Elementor Forms Plugin (CVE-2026-9843) https://vuldb.com/vuln/372499/cti", "creation_timestamp": "2026-06-20T22:56:12.851006Z"} {"uuid": "683bc112-1b96-41a0-8eb8-a9ad61740604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116784901089180488", "content": "Some increased actor activities are shown targeting crmperks Database for Contact Form 7, WPforms, Elementor Forms Plugin (CVE-2026-9843) https://vuldb.com/vuln/372499/cti", "creation_timestamp": "2026-06-20T22:56:12.851006Z"} https://vulnerability.circl.lu/sighting/683bc112-1b96-41a0-8eb8-a9ad61740604/export Sat, 20 Jun 2026 22:56:12 +0000 16f454e2-ef1d-4739-94dc-7b74c7837050 https://vulnerability.circl.lu/sighting/16f454e2-ef1d-4739-94dc-7b74c7837050/export {"uuid": "16f454e2-ef1d-4739-94dc-7b74c7837050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3morlomn2gc2c", "content": "CVE-2026-9843 - Critical RCE in Database for Contact Form 7, WPforms, Elementor forms for WordPress. Arbitrary file deletion via insufficient path validation. CVSS 8.1. No patch available. Immediately review and restrict plugin usage. #CVE #...\n\nhttps://www.valtersit.com/cve/CVE-2026-9843/", "creation_timestamp": "2026-06-21T05:00:56.103058Z"} {"uuid": "16f454e2-ef1d-4739-94dc-7b74c7837050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-9843", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3morlomn2gc2c", "content": "CVE-2026-9843 - Critical RCE in Database for Contact Form 7, WPforms, Elementor forms for WordPress. Arbitrary file deletion via insufficient path validation. CVSS 8.1. No patch available. Immediately review and restrict plugin usage. #CVE #...\n\nhttps://www.valtersit.com/cve/CVE-2026-9843/", "creation_timestamp": "2026-06-21T05:00:56.103058Z"} https://vulnerability.circl.lu/sighting/16f454e2-ef1d-4739-94dc-7b74c7837050/export Sun, 21 Jun 2026 05:00:56 +0000