{"vulnerability": "CVE-2026-14487", "sightings": [{"uuid": "7c49f622-e6c3-41fd-9ef0-8d02d2295acb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14487", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq4d4hox3y2r", "content": "CVE-2026-14487 - simple coherent form\nThe Simple Coherent Form plugin for WordPress has a security issue that could allow an attacker to delete any file on your server without needing a password. This could lead to\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#tombgtn #CVE #infosec", "creation_timestamp": "2026-07-08T04:52:05.778653Z"}, {"uuid": "97ca1fa8-2ee7-4cf7-894a-2b81432a63f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14487", "type": "seen", "source": "https://bsky.app/profile/pulse-wp.com/post/3mq4gw7nccj27", "content": "CVE-2026-14487. 9.1/10 critical. Simple Coherent Form up to 2.4.13 lets anyone delete arbitrary files. Your wp-config.php. Your database backups. Your entire site. No authentication required.\n\nUpdate to 2.4.13 now.\n\nScan your WordPress site: pulse-wp.com\n#WordPress #RCE #CyberSecurity", "creation_timestamp": "2026-07-08T06:00:10.567449Z"}, {"uuid": "437339b5-0b20-4bc7-80e6-5781c3705765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-14487", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq4m2ikekn2t", "content": "CVE-2026-14487 - Simple Coherent Form\nCVE ID : CVE-2026-14487\n \n Published : July 8, 2026, 5:16 a.m. | 52\u00a0minutes ago\n \n Description : The Simple Coherent Form plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the removeU...", "creation_timestamp": "2026-07-08T07:32:06.281907Z"}]}