CYBERHAWK / CVE / CVE-2026-5112

CVE-2026-5112

Gravity Forms WordPress Plugin

HIGH CVSS 7.2 vibe

The flaw

Unauthenticated stored XSS in Calculation Product field names within Repeater fields.

What to do

Update to version 2.10.1 or later

▸ Scan my repo for CVE-2026-5112

References

NVD CISA KEV OSV GitHub Advisory MITRE News search
First seen 2026-05-08 · Tracked by PickBits CyberHawk · Weekly CVE digest
← All CVEs RSS Scheduled audits