Back to CVE List

CVE-2026-11880

LOW SEVERITY

CVSS Score & Metrics

Base Score
3.1 / 10
Vector String
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

Vulnerability Description

The Fluent Forms WordPress plugin before 6.2.1 does not properly verify ownership before processing a subscription cancellation request, allowing authenticated users with a low-privilege account to cancel subscriptions belonging to other users.

Vulnerability Details

Published Date
Last Modified
Source
NVD
Vendor
Unknown
Product
Fluent Forms

External References

Discussion (0)

Add Comment

No comments yet. Be the first!