Threats Tagged 'cve-2026-25863'
View all threats tagged with 'cve-2026-25863'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-25863'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-25863: CWE-1284 Improper Validation of Specified Quantity in Input in Jules Colle Conditional Fields for Contact Form 7CVE-2026-25863 0 Conditional Fields for Contact Form 7 WordPress plugin through version 2.7.2 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hide_hidden_mail_fields_regex_callback() method reads an iteration count directly from user-supplied POST parameters without validation or upper bound enforcement. Unauthenticated attackers can supply an arbitrarily large integer value through the REST API endpoint to cause unbounded loop execution with multiple preg_replace() operations, exhausting server memory and crashing the PHP process. Join the discussion | CVE Database V5 | 05/04/2026, 18:29:01 UTC Added: 05/04/2026, 18:51:26 UTC |
Showing 1 to 1 of 1 result