CVE-2026-0633 - MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 4.1....

CVE ID : CVE-2026-0633 Published : Jan. 24, 2026, 8:26 a.m. | 27 minutes ago Description : The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.1.0. This is due to the use of a forgeable cookie value derived only from the entry ID and current user ID without a server-side secret. This makes it possible for unauthenticated attackers to access form submission entry data via MetForm shortcodes for entries created within the transient TTL (default is 15 minutes). Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...