CRITICAL
Happyforms
CVE published 2026-06-15
CVE-2026-49768
CVE-2026-49768 is a critical vulnerability in the Happyforms plugin for WordPress, affecting versions up to and including 1.26.13. This vulnerability allows for unauthenticated PHP object injection, which can lead to severe consequences, including code execution, data breaches, and complete control of the affected system. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 9.8, [truncated]