Skip to content
Vulnerability intelligence

CVE-2026-0740

CVE-2026-0740. A critical file upload vulnerability in the Ninja Forms File Uploads plugin. Unauthenticated attackers upload arbitrary files. Full site compromise. No login required.

WordPress 2026
What WebPulse reported · 1 analysis
Ninja Forms: The WordPress Contact Plugin That Lets Attackers Upload Anything

CVE-2026-0740. A critical file upload vulnerability in the Ninja Forms File Uploads plugin. Unauthenticated attackers upload arbitrary files. Full site compromi

June 13, 2026
View CVE-2026-0740 on the NIST National Vulnerability Database →
Related vulnerabilities
CVE-2026-8206 CVE-2026-8181 CVE-2026-3844 CVE-2026-10795 CVE-2026-4020 CVE-2026-1293 CVE-2026-8732 CVE-2026-4798