CVE Disclosure · WordPress Plugin Ecosystem

CVE-2026-0814

Advanced CF7 DB

Missing authentication

CVSS4.3

SeverityMedium

ClassMissing authentication

TrackWordPress Plugin Ecosystem

Summary

CVE-2026-0814 is a medium-severity vulnerability (CVSS 4.3) affecting Advanced CF7 DB. The issue is classified as Missing authentication, part of the WordPress Plugin Ecosystem disclosure track on this site.

References

Authoritative sources and PoC material:

NVD↗MITRE↗PoC repo↗

Disclosure

Reporter: Kai Aizen (snailsploit)
Coordination: Vendor + MITRE/NVD
Status: Disclosed · CVE assigned · entry public on NVD
Track: WordPress Plugin Ecosystem

About this writeup

Detailed exploitation analysis, root-cause walkthrough, and remediation guidance for this finding live in the PoC repository. For broader methodology see services and research.

Author

Kai Aizen

Independent offensive security researcher. 23 published CVEs, 5 Linux kernel mainline patches, creator of AATMF / P.R.O.M.P.T / SEF, author of Adversarial Minds.

about services github x linkedin researchgate