Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Fri, 29 May 2026 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Hassantafreshi
Hassantafreshi easy Form Builder Wordpress Wordpress wordpress |
|
| Vendors & Products |
Hassantafreshi
Hassantafreshi easy Form Builder Wordpress Wordpress wordpress |
Wed, 27 May 2026 11:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 27 May 2026 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through <= 4.0.6. | |
| Title | WordPress Easy Form Builder plugin <= 4.0.6 - SQL Injection vulnerability | |
| Weaknesses | CWE-89 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-05-27T10:50:32.583Z
Reserved: 2026-04-29T09:05:30.887Z
Link: CVE-2026-42747
Updated: 2026-05-27T10:50:27.399Z
Status : Deferred
Published: 2026-05-27T11:16:21.173
Modified: 2026-06-17T10:48:19.897
Link: CVE-2026-42747
No data.
OpenCVE Enrichment
Updated: 2026-05-29T15:50:56Z