Offensive Sequence
⚠️ CVE-2026-4987 (HIGH): SureForms plugin for WordPress lets attackers bypass payment amount validation by setting form_id to 0 — no auth needed, all versions <=2.5.2 at risk. Patch or mitigate now! https://radar.offseq.com/threat/cve-2026-4987-cwe-20-improper-input-validation-in--6438ea07 #OffSeq #WordPress #Vuln #PaymentSecurity
Mar 28 at 11:30pmWeb