A vulnerability was found in 10web Form Maker Plugin up to 1.15.42 on WordPress and classified as critical . Affected by this issue is some unknown functionality. Executing a manipulation of the argument inputs can lead to sql injection. This vulnerability is registered as CVE-2026-3359 . It is possible to launch the attack remotely. No exploit is available.