CVE-2026-42845 | getgrav grav-plugin-form up to 9.0.x file inclusion (GHSA-w4rc-p66m-x6qq)

May 11, 2026 Yanac

A vulnerability labeled as problematic has been found in getgrav grav-plugin-form up to 9.0.x. This affects an unknown function. Executing a manipulation can lead to file inclusion.

This vulnerability is tracked as CVE-2026-42845. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.VulDB Recent EntriesRead More

CVE-2026-38566 | HireFlow 1.2 POST Endpoint /profile SESSION_COOKIE_SAMESITE cross-site request forgery
CVE-2026-42860 | openedx edx-enterprise up to 7.0.4 fetch_metadata_xml server-side request forgery (GHSA-64cv-vxpr-j6vc)