CVE-2026-1674
Authorization Bypass in Gutena Forms Plugin Enables Data Manipulation
Publication date: 2026-03-04
Last updated on: 2026-03-04
Assigner: Wordfence
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gutena | gutena_forms | up to and including 1.6.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
The Gutena Forms WordPress plugin (up to version 1.6.0) has a vulnerability due to missing authorization checks in the save_gutena_forms_schema() function. This allows authenticated users with Contributor-level access or higher to modify option values on the site by updating form schema data. Such unauthorized modifications can lead to errors on the site or enable features like user registration even if they were disabled.
How can this vulnerability impact me?
This vulnerability can be exploited by attackers with Contributor-level access to change site options improperly. The impact includes causing errors that deny service to legitimate users and enabling site features that were explicitly disabled, such as user registration. This can disrupt normal site operations and potentially allow unwanted user access.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves unauthorized modification of option values in the Gutena Forms WordPress plugin due to missing authorization in the save_gutena_forms_schema() function. Detection would involve checking if the plugin version is vulnerable (up to and including 1.6.0) and monitoring for unexpected changes to WordPress options related to Gutena Forms schemas.
Specifically, you can check the installed version of the Gutena Forms plugin to see if it is 1.6.0 or earlier, which are vulnerable.
Commands to detect the vulnerability or exploitation attempts might include:
- Check the plugin version via WP-CLI: `wp plugin get gutena-forms --field=version`
- Search the WordPress options table for option names related to Gutena Forms schemas, especially unprefixed options that could be overwritten, with a mysql command or a WP-CLI command like `wp db query "SELECT option_name FROM wp_options WHERE option_name LIKE '%gutena_forms_schema%' OR option_name NOT LIKE 'gutena_forms_schema_%';"`
- Monitor logs or audit trails for changes to options or form schemas by users with Contributor-level access or higher.
Note: The provided resources do not include explicit detection commands, so these suggestions are based on the vulnerability description and patch details. [1]
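As an added example (not code from the advisory or the plugin), the shell helper below turns the version check and option monitoring described above into small functions. The watched option `users_can_register`, the `name=value` snapshot format, and the file names in the usage comments are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added triage helper for CVE-2026-1674; not code from the advisory or the plugin.

FIXED_VERSION="1.6.1"             # first fixed release named on this page
WATCHLIST="users_can_register"    # assumption: extend with options you want baselined

# version_lt A B: succeeds when dotted numeric version A is strictly lower than B.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++) {
            if ((x[i] + 0) < (y[i] + 0)) exit 0   # missing parts compare as 0
            if ((x[i] + 0) > (y[i] + 0)) exit 1
        }
        exit 1                                    # equal versions are not "lower"
    }'
}

# classify_version V: prints "vulnerable" for any version below FIXED_VERSION.
classify_version() {
    if version_lt "$1" "$FIXED_VERSION"; then echo vulnerable; else echo patched; fi
}

# snapshot_options: prints "name=value" for each watched option (requires WP-CLI).
snapshot_options() {
    for name in $WATCHLIST; do
        printf '%s=%s\n' "$name" "$(wp option get "$name")"
    done
}

# changed_options BASELINE CURRENT: prints option names whose line in CURRENT
# is new or differs from BASELINE (both files hold "name=value" lines).
changed_options() {
    awk -F= 'NR == FNR { base[$1] = $0; next }
             !($1 in base) || base[$1] != $0 { print $1 }' "$1" "$2" | sort
}

# Usage on a host with WP-CLI:
#   classify_version "$(wp plugin get gutena-forms --field=version)"
#   snapshot_options > baseline.txt     # taken while the site is known-good
#   snapshot_options > current.txt
#   changed_options baseline.txt current.txt
```

A non-empty result from `changed_options` on a site where no administrator changed settings is the signal to review recent activity by Contributor-level accounts.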
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the Gutena Forms plugin to version 1.6.1 or later, which contains the security fix for this vulnerability.
The update enforces option name prefixing and sanitization to prevent unauthorized option overwrites.
Additionally, review user roles and permissions to ensure that only trusted users have Contributor-level access or higher, as the vulnerability requires authenticated users with such access.
If immediate updating is not possible, consider temporarily restricting Contributor-level user capabilities or disabling the Gutena Forms plugin until the patch can be applied.