Analysis and contextual insights are available on OpenCVE Cloud.
Vendor Solution
Update the WordPress MW WP Form Plugin to the latest available version (at least 5.1.4).
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 23 Jun 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Takashi Kitajima
Takashi Kitajima mw Wp Form Wordpress Wordpress wordpress |
|
| Vendors & Products |
Takashi Kitajima
Takashi Kitajima mw Wp Form Wordpress Wordpress wordpress |
Tue, 16 Jun 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 15 Jun 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions. | |
| Title | WordPress MW WP Form plugin <= 5.1.3 - Cross Site Scripting (XSS) vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-06-16T15:06:43.370Z
Reserved: 2026-05-25T22:10:00.865Z
Link: CVE-2026-48871
Updated: 2026-06-16T15:06:35.027Z
Status : Deferred
Published: 2026-06-15T21:17:16.557
Modified: 2026-06-15T21:24:32.790
Link: CVE-2026-48871
No data.
OpenCVE Enrichment
Updated: 2026-06-23T21:06:56Z