CVE-2026-47266
NONE—CVSS v3
—CVSS v2
0.06%
EPSS (exploit probability)
CWE-639CWE
Description
Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. This vulnerability is fixed in 2.2.21 and 3.1.26.
Affected routers (0)
No routers currently mapped to this CVE in our database.