CVE-2026-32484
Received Received - Intake
Deserialization Object Injection in BoldGrid weForms

Publication date: 2026-03-25

Last updated on: 2026-04-29

Assigner: Patchstack

Description
Deserialization of Untrusted Data vulnerability in BoldGrid weForms weforms allows Object Injection.This issue affects weForms: from n/a through <= 1.6.26.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-26
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32484
EUVD
EUVD-2026-15828
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
boldgrid weforms to 1.6.26 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-502 The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The provided information does not specify how the CVE-2026-32484 vulnerability in the BoldGrid weForms plugin directly affects compliance with common standards and regulations such as GDPR or HIPAA.

Executive Summary

CVE-2026-32484 is a high-priority PHP Object Injection vulnerability found in the WordPress weForms plugin versions up to and including 1.6.26.

This vulnerability arises from deserialization of untrusted data, allowing attackers to inject malicious PHP objects.

Exploitation requires some user interaction, such as clicking a malicious link, visiting a crafted page, or submitting a form, and may involve a privileged user performing an action.

Impact Analysis

Successful exploitation of this vulnerability can lead to severe impacts including code injection, SQL injection, path traversal, denial of service, and other critical security issues.

Because it allows PHP Object Injection, attackers can potentially execute arbitrary code or manipulate the system in harmful ways if a suitable Property Oriented Programming (POP) chain is available.

This makes the vulnerability highly dangerous and capable of mass exploitation across many websites regardless of their traffic or popularity.

Detection Guidance

The vulnerability affects WordPress weForms plugin versions up to and including 1.6.26 and involves PHP Object Injection. Detection involves identifying if the vulnerable plugin version is installed.

Since the vulnerability requires user interaction with crafted links, pages, or forms, monitoring for unusual requests or suspicious form submissions related to the weForms plugin could help detect exploitation attempts.

Specific commands are not provided in the available resources, but general detection steps include checking the installed plugin version via WordPress CLI or file inspection.

  • Use WP-CLI to check the installed version: wp plugin list | grep weforms
  • Inspect plugin files or version.php to confirm the version number.
  • Monitor web server logs for suspicious POST requests or unusual URL parameters targeting the weForms plugin.
Mitigation Strategies

The primary mitigation step is to immediately update the WordPress weForms plugin to version 1.6.27 or later, where the vulnerability is patched.

If immediate updating is not possible, apply the automatic mitigation rule provided by Patchstack to block attacks targeting this vulnerability.

Users unable to update or apply mitigations should seek assistance from their hosting provider or web developer.

Additionally, monitoring and restricting user interactions that could trigger the vulnerability (such as clicking malicious links or submitting crafted forms) can reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32484. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart