High severityNVD Advisory· Published May 29, 2026· Updated May 29, 2026
CVE-2026-47266
CVE-2026-47266
Description
Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. This vulnerability is fixed in 2.2.21 and 3.1.26.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
verbb/formiePackagist | >= 3.0.0, < 3.1.26 | 3.1.26 |
verbb/formiePackagist | < 2.2.21 | 2.2.21 |
Affected products
1Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.