Getgrav Grav-plugin-form
2 CVEs affecting Getgrav Grav-plugin-form. Latest disclosed: 2026-05-11. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-42842 | Medium | 5.4 | 2026-05-11 | The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Grav CMS For… |
CVE-2026-42845 | | 2026-05-11 | The form plugin for Grav adds the ability to create and use forms. Prior to 9.1.0 , there is an unauthenticated page-content overwrite via file upload (GHSA-w4… |