top of page
perceptive_background_267k.jpg

Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects Je…

Published:

24 maart 2026 om 23:00:00

Alert date:

25 maart 2026 om 21:04:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A code injection vulnerability (CVE-2026-32525) has been identified in the JetFormBuilder WordPress plugin by jetmonsters. The vulnerability affects versions up to and including 3.5.6.1 and allows attackers to perform improper control of code generation, leading to potential remote code execution. This is classified as a high-severity security issue that could allow malicious actors to inject and execute arbitrary code on affected WordPress installations running the vulnerable plugin.

Technical details

Mitigation steps:

Affected products:

JetFormBuilder

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-32525
https://patchstack.com/database/Wordpress/Plugin/jetformbuilder/vulnerability/wordpress-jetformbuilder-plugin-3-5-6-1-remote-code-execution-rce-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page