Solspace Freeform
2 CVEs affecting Solspace Freeform. Latest disclosed: 2026-02-12. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-52122 | Critical | 9.8 | 2025-08-27 | Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection… |
CVE-2026-26188 | Medium | 5.4 | 2026-02-12 | Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user (able to create/edit forms) can inject… |