Vulnerabilities

CVE-2025-12845 - Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent 0....

2026-02-19 0 views admin

CVE ID : CVE-2025-12845 Published : Feb. 19, 2026, 3:25 a.m. | 50 minutes ago Description : The Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent plugin for WordPress is vulnerable to unauthorized access of data that leads to privilege escalation due to a missing capability check on the get_table_data() function in versions 0.5.4 to 1.2.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to retrieve plugin table data that can expose email log information. Attackers can leverage this on sites where the table log is enabled in order to trigger a password reset and obtain the reset key. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-12845

Published

Feb. 19, 2026

Affected Product: WordPress

Impact: privilege escalation

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-12845wordpress

CVE-2025-12845 - Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent 0....

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-3134 - itsourcecode News Portal Project edit-category.php sql injection

CVE-2026-3133 - itsourcecode Document Management System Login loging.php sql injection

CVE-2025-46320 - FileMaker WebDirect Cross-Site Scripting (XSS)

CVE-2026-21410 - InSAT MasterSCADA BUK-TS SQL Injection

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting