CVE

CVE-2026-39440

0field notes · 1digest CVSS 9.9

Daily digests

An attacker can inject and execute arbitrary code remotely through FunnelFormsPro, the WordPress plugin. This is a code injection bug with a CVSS of 9.9. All versions through 3.8.1 are vulnerable.

Daily Digest · Apr 23, 2026
Paperclip RCE is a perfect 10, patch or block now

CVE-2026-39440

Paperclip RCE is a perfect 10, patch or block now