CVE Catalog
CVE-2026-56069
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.30%
22th percentile — higher than 22% of all known CVEs
Summary
An IDOR vulnerability in Toolset Forms versions up to 2.6.24 allows an unauthenticated attacker to access unauthorized data by manipulating object identifiers.
Risk Assessment
The risk involves the ability to read, modify, or delete sensitive data without authentication, potentially compromising system confidentiality and integrity.
Recommendation
It is recommended to immediately update the Toolset Forms plugin to the latest available version that addresses this vulnerability.
Original NVD description (English source)
Unauthenticated Insecure Direct Object References (IDOR) in Toolset Forms <= 2.6.24 versions.

