MEDIUM
fireplugins
CVE published 2026-06-18
CVE-2026-12120
The FireBox Popups – Increase Sales and Grow Your Email List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.7 via the 'form_id' parameter. This makes it possible for unauthenticated attackers to extract and download a full CSV export of all form submissions — including any personally identifiable information submitted by users — for any arbit [truncated]