CVE-2026-3330 | 10web Form Maker Plugin up to 1.15.40 on WordPress validate_data sql injection

A vulnerability labeled as critical has been found in 10web Form Maker Plugin up to 1.15.40 on WordPress. This impacts the function WDW_FM_Library::validate_data. Such manipulation of the argument ip_search/startdate/enddate/username_search/useremail_search leads to sql injection.

This vulnerability is traded as CVE-2026-3330. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More