PatchSiren

IT Path Solutions CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH IT Path Solutions CVE published 2026-06-15

CVE-2026-39449

CVE-2026-39449 is a high severity Unauthenticated Cross Site Scripting (XSS) vulnerability in Contact Form to Any API plugin versions up to 3.0.3. The vulnerability has a CVSS score of 7.1 and was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2026-39449).