Skip to main content

Sigmaforms Pro Ai Generated Forms

1 CVEs product

Monthly

CVE-2026-52705 CRITICAL Act Now

Unauthenticated arbitrary file upload in the SigmaForms Pro - AI Generated Forms WordPress plugin (versions <= 1.4.5) allows remote attackers to upload files of their choosing to the underlying web server, enabling webshell deployment and full site takeover. The flaw was disclosed by Patchstack and carries a CVSS 3.1 score of 9.0 with scope change, indicating impact beyond the vulnerable component. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

File Upload Sigmaforms Pro Ai Generated Forms
NVD
CVSS 3.1
9.0
EPSS
0.3%
EPSS 0% CVSS 9.0
CRITICAL Act Now

Unauthenticated arbitrary file upload in the SigmaForms Pro - AI Generated Forms WordPress plugin (versions <= 1.4.5) allows remote attackers to upload files of their choosing to the underlying web server, enabling webshell deployment and full site takeover. The flaw was disclosed by Patchstack and carries a CVSS 3.1 score of 9.0 with scope change, indicating impact beyond the vulnerable component. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

File Upload Sigmaforms Pro Ai Generated Forms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy