PatchSiren cyber security CVE debrief
CVE-2026-40769 Satinder Singh CVE debrief
CVE-2026-40769 is a HIGH severity vulnerability in Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field <= 1.0.6 versions. The vulnerability allows unauthenticated arbitrary file deletion. The CVSS score is 8.6.
- Vendor
- Satinder Singh
- Product
- Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field
- CVSS
- HIGH 8.6
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-15
- Original CVE updated
- 2026-06-15
- Advisory published
- 2026-06-15
- Advisory updated
- 2026-06-15
Who should care
Users of Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin versions <= 1.0.6 should update to a patched version as soon as possible.
Technical summary
CVE-2026-40769 is a vulnerability in Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin. The vulnerability has a CVSS score of 8.6 and is classified as HIGH severity. The vulnerability allows unauthenticated arbitrary file deletion.
Defensive priority
HIGH
Recommended defensive actions
- Update to a patched version of Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin as soon as possible.
- Review and restrict file deletion permissions to prevent exploitation.
Evidence notes
Vendor and product information is not confirmed. The vulnerability was reported by [email protected].
Official resources
-
CVE-2026-40769 CVE record
CVE.org
-
CVE-2026-40769 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2026-40769 was published on 2026-06-15T21:16:49.477Z and modified on 2026-06-15T21:24:32.790Z.