PatchSiren

fireplugins CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM fireplugins CVE published 2026-06-18

CVE-2026-12120

The FireBox Popups – Increase Sales and Grow Your Email List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.7 via the 'form_id' parameter. This makes it possible for unauthenticated attackers to extract and download a full CSV export of all form submissions — including any personally identifiable information submitted by users — for any arbit [truncated]