HIGH
plugcrux
CVE published 2026-06-06
CVE-2026-8901
CVE-2026-8901 is a HIGH severity vulnerability (CVSS Score: 7.2) in the Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress. The vulnerability allows unauthenticated attackers to inject arbitrary web scripts via form submission data, which can be executed when an administrator views error log details.