snailsploit[$]
CVE Disclosure · WordPress Plugin Ecosystem

CVE-2026-0811

Advanced CF7 DB

CSRF

CVSS5.4
SeverityMedium
ClassCSRF
TrackWordPress Plugin Ecosystem

Summary

CVE-2026-0811 is a medium-severity vulnerability (CVSS 5.4) affecting Advanced CF7 DB. The issue is classified as CSRF, part of the WordPress Plugin Ecosystem disclosure track on this site.

References

Authoritative sources and PoC material:

NVDMITREPoC repo

Disclosure

Reporter
Kai Aizen (snailsploit)
Coordination
Vendor + MITRE/NVD
Status
Disclosed · CVE assigned · entry public on NVD
Track
WordPress Plugin Ecosystem

About this writeup

Detailed exploitation analysis, root-cause walkthrough, and remediation guidance for this finding live in the PoC repository. For broader methodology see services and research.

disclosure contextall 23 cves →
all disclosures
CVE Ledger →
23 published CVEs across container, web, OSS, kernel
advisories
GHSA disclosures →
coordinated security advisories
engage
Pen Testing →
same methodology, your stack
Author
Kai Aizen
Independent offensive security researcher. 23 published CVEs, 5 Linux kernel mainline patches, creator of AATMF / P.R.O.M.P.T / SEF, author of Adversarial Minds.
aboutservicesgithubxlinkedinresearchgate