CVE-2026-3642

Published: Apr 15, 2026 Last Modified: Apr 15, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none

Description

AI Translation Available

The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.2. The eshot_form_builder_update_field_data() AJAX handler lacks any capability checks (current_user_can()) or nonce verification (check_ajax_referer()/wp_verify_nonce()). The function is registered via the wp_ajax_ hook, making it accessible to any authenticated user. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify form field configurations including mandatory status, field visibility, and form display preferences via the eshot_form_builder_update_field_data AJAX action.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0003
Percentile
0,1th
Updated

EPSS Score Trend (Last 2 Days)

862

Missing Authorization

Incomplete
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Access Control Availability
Potential Impacts:
Read Application Data Read Files Or Directories Modify Application Data Modify Files Or Directories Gain Privileges Or Assume Identity Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Dos: Resource Consumption (Other)
Applicable Platforms
Technologies: AI/ML, Database Server, Not Technology-Specific, Web Server
Likelihood of Exploit: High
View CWE Details
https://plugins.trac.wordpress.org/browser/e-shot-form-buil…
https://plugins.trac.wordpress.org/browser/e-shot-form-builder/tags/1.0.2/admin…
https://plugins.trac.wordpress.org/browser/e-shot-form-buil…
https://plugins.trac.wordpress.org/browser/e-shot-form-builder/tags/1.0.2/inclu…
https://plugins.trac.wordpress.org/browser/e-shot-form-buil…
https://plugins.trac.wordpress.org/browser/e-shot-form-builder/trunk/admin/clas…
https://plugins.trac.wordpress.org/browser/e-shot-form-buil…
https://plugins.trac.wordpress.org/browser/e-shot-form-builder/trunk/includes/c…
https://www.wordfence.com/threat-intel/vulnerabilities/id/8…
https://www.wordfence.com/threat-intel/vulnerabilities/id/815bd708-b2f8-4add-90…