PT-2026-22899 · WordPress · Gutena Forms
Youssef Elouaer
Published: 2026-03-04 · Updated: 2026-03-04
CVE-2026-1674
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
Gutena Forms – Contact Form, Survey Form, Feedback Form, Booking Form, and Custom Form Builder plugin for WordPress versions up to and including 1.6.0
Description
The Gutena Forms plugin for WordPress is susceptible to unauthorized data modification. A missing authorization check within the save_gutena_forms_schema() function allows authenticated attackers with Contributor-level access or higher to update option values. This can lead to denial of service by causing errors on the site, or to the enabling of features that are explicitly disabled, such as site user registration.
Recommendations
Versions prior to and including 1.6.0 should be updated.
Fix
Missing Authorization
Weakness Enumeration
Related Identifiers
Affected Products
Gutena Forms