Sensitive Data Exposure in FormLayer by Softaculous
CVE-2026-59519

5.3MEDIUM

Key Information:

Vendor

WordPress

Status
Vendor
CVE Published:
5 July 2026

What is CVE-2026-59519?

The FormLayer plugin by Softaculous is impacted by a vulnerability that allows for the retrieval of embedded sensitive data. This issue arises when sensitive information is improperly handled before being sent. Versions from n/a through 1.0.6 are affected, posing risks to users' data integrity and confidentiality. It is crucial for organizations using this plugin to take immediate action to mitigate potential risks.

Affected Version(s)

FormLayer <= 1.0.6

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ananda Dhakal | Patchstack
.