VYPR

Divi Form Builder

by WordPress

CVEs (1)

  • CVE-2026-5118CriMay 21, 2026
    risk 0.64cvss 9.8epss 0.00

    The Divi Form Builder plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.1.2. This is due to the plugin accepting a user-controlled 'role' parameter from POST data during user registration without validating it against the form's…