CVE-2025-13748 | Fluent Forms Plugin up to 6.1.7 on WordPress confirmScaPayment submission_id resource injection

A vulnerability marked as problematic has been reported in Fluent Forms Plugin up to 6.1.7 on WordPress. The impacted element is the function confirmScaPayment. The manipulation of the argument submission_id leads to improper control of resource identifiers.

This vulnerability is listed as CVE-2025-13748. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More