Understanding Insufficient Verification of Data Authenticity: The CVE-2026-7792 Vulnerability
The WPForms plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity, allowing unauthenticated attackers to forge PayPal webhook events and modify subscription payment records. This vulnerability has a severity score of 5.3 and affects versions up to and including 1.10.0.1. Understanding this vulnerability can help users take necessary precautions to protect their websites.