CVE-2026-52705
Deferred Deferred - Pending Action

Unauthenticated Arbitrary File Upload in SigmaForms Pro

Vulnerability report for CVE-2026-52705, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-17

Last updated on: 2026-06-17

Assigner: Patchstack

Description

Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-17
Last Modified
2026-06-17
Generated
2026-07-08
AI Q&A
2026-06-17
EPSS Evaluated
2026-07-06
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
sigmaforms pro to 1.4.5 (inc)
patchstack sigmaforms_pro to 1.4.5 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability allows unauthenticated attackers to upload arbitrary files, including malicious backdoors, which can lead to unauthorized access and potential data breaches.

Such unauthorized access and potential data compromise can negatively impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and breaches.

Therefore, if exploited, this vulnerability could result in violations of these standards due to failure to protect data confidentiality, integrity, and availability.

Executive Summary

The vulnerability exists in the WordPress plugin SigmaForms Pro – AI Generated Forms, versions 1.4.5 and below. It is an Arbitrary File Upload issue that allows unauthenticated attackers to upload any file type to the website.

This means attackers can upload malicious files, such as backdoors, without needing to log in or have any privileges.

Impact Analysis

This vulnerability can lead to severe impacts including full website compromise.

  • Attackers can upload malicious backdoors to gain persistent access.
  • It can result in data theft, defacement, or further exploitation of the server.
  • Because it is unauthenticated and has a high severity score (CVSS 9.0), it is often targeted in mass-exploit campaigns.

Users are strongly advised to update to version 1.4.6 or apply mitigation rules to block attacks.

Mitigation Strategies

The vulnerability in SigmaForms Pro – AI Generated Forms versions 1.4.5 and below allows unauthenticated arbitrary file uploads, which is highly dangerous.

Immediate mitigation steps include updating the plugin to version 1.4.6 where the issue is patched.

If updating immediately is not possible, users are advised to apply the mitigation rule provided by Patchstack to block attacks until the update can be completed.

Detection Guidance

This vulnerability allows unauthenticated arbitrary file uploads to the SigmaForms Pro – AI Generated Forms plugin versions 1.4.5 and below. Detection typically involves monitoring for suspicious HTTP POST requests to the vulnerable plugin endpoints that attempt to upload files.

You can detect potential exploitation attempts by searching your web server logs for unusual file upload requests or by scanning for the presence of uploaded files that should not be there, such as web shells or backdoors.

  • Use grep or similar tools to search access logs for POST requests to SigmaForms Pro upload endpoints, for example: grep -i 'POST' /var/log/apache2/access.log | grep 'sigmaforms'
  • Look for suspicious file extensions or filenames in the uploads directory, e.g., find /path/to/uploads -type f \( -name '*.php' -o -name '*.phtml' \)
  • Use web vulnerability scanners or plugins that can detect arbitrary file upload vulnerabilities in WordPress plugins.

Since the vulnerability is patched in version 1.4.6, verifying the plugin version installed on your system is also a key step in detection.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-52705. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart