CVE-2026-11880
LOW SEVERITYCVSS Score & Metrics
Base Score
3.1 / 10
Vector String
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Description
The Fluent Forms WordPress plugin before 6.2.1 does not properly verify ownership before processing a subscription cancellation request, allowing authenticated users with a low-privilege account to cancel subscriptions belonging to other users.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Vendor
Unknown
Product
Fluent Forms
Discussion (0)
Add Comment
No comments yet. Be the first!