Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.9
WPForms Google Sheet Connector allows code to be injected into Google Sheets
CVE-2025-67979
Summary
A security issue in WPForms Google Sheet Connector allows an attacker to inject malicious code into Google Sheets. This can lead to unauthorized data access or modification. Update to version 4.0.2 or later to fix this issue.
Original title
Improper Control of Generation of Code ('Code Injection') vulnerability in WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Code Injection.This issue affects WPForms Google...
Original description
Improper Control of Generation of Code ('Code Injection') vulnerability in WesternDeal WPForms Google Sheet Connector gsheetconnector-wpforms allows Code Injection.This issue affects WPForms Google Sheet Connector: from n/a through <= 4.0.1.
nvd CVSS3.1
9.9
Vulnerability type
CWE-94
Code Injection
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026