CVE-2026-0996 is a stored Cross-Site Scripting vulnerability identified in the Fluent Forms WordPress plugin, specifically within its AI Form Builder module. The vulnerability stems from a combination of missing authorization checks, a leaked nonce, and inadequate input sanitization. Subscriber-level users, who typically have limited permissions, can exploit this flaw by triggering AI form generation through a protected endpoint. The AI service returns JavaScript code snippets without <script> tags, which bypass the plugin's sanitization routines. This malicious JavaScript is stored and executed whenever any user views the generated form, enabling attackers to run arbitrary scripts in the context of the victim's browser. The attack does not require user interaction, increasing its risk. The vulnerability affects all versions up to and including 6.1.14 of the plugin. The CVSS 3.1 score of 6.4 reflects a medium severity, with network attack vector, low attack complexity, and privileges required at the Subscriber level. The scope is changed, as the vulnerability affects other users beyond the attacker, impacting confidentiality and integrity but not availability. No known exploits are currently in the wild, but the risk remains significant due to the widespread use of WordPress and the plugin's popularity.

For European organizations, this vulnerability poses a risk of unauthorized script execution on websites using the Fluent Forms plugin, potentially leading to session hijacking, credential theft, or unauthorized actions performed on behalf of users. Public-facing WordPress sites that rely on this plugin for contact forms, surveys, or quizzes are particularly vulnerable. The ability for low-privileged users to inject scripts increases insider threat risks and the possibility of automated attacks exploiting compromised subscriber accounts. Confidentiality of user data can be compromised, and the integrity of website content can be undermined, damaging organizational reputation and trust. While availability is not directly impacted, the indirect consequences of exploitation could lead to service disruptions or regulatory scrutiny under GDPR if personal data is exposed. Organizations with high web traffic and customer engagement through WordPress forms are at elevated risk.

Immediate mitigation should include restricting Subscriber-level user permissions to the minimum necessary and monitoring for suspicious activity related to form creation or AI form generation endpoints. Organizations should implement Web Application Firewalls (WAFs) with rules targeting stored XSS patterns specific to Fluent Forms. Applying strict Content Security Policies (CSP) can help prevent execution of injected scripts. Until an official patch is released, disabling the AI Form Builder module or the Fluent Forms plugin entirely on critical sites is advisable. Once a patch becomes available, prompt updating to the fixed version is essential. Additionally, conducting regular security audits of WordPress plugins and monitoring for leaked nonces or unusual authorization bypasses can reduce risk. User training to recognize phishing or social engineering attempts that could leverage this vulnerability is also recommended.