SQL Injection Vulnerability in Hannan گرویتی فرم فارسی Plugin
CVE-2026-61955

7.6HIGH

Key Information:

Vendor

WordPress

Vendor
CVE Published:
13 July 2026

What is CVE-2026-61955?

An SQL Injection vulnerability exists in the Hannan گرویتی فرم فارسی plugin for WordPress, allowing attackers to manipulate SQL queries. This flaw can lead to unauthorized data access or modification and affects versions from an unknown release up to and including 3.0.2. Proper precautions and patches are recommended to mitigate potential exploits.

Affected Version(s)

گرویتی فرم فارسی 0 <= 3.0.2

References

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Ananda Dhakal (Patchstack)
.