4 matches found
WordPress Forminator Plugin < 1.44.3 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:incsub:forminator"; ifdescription...
CVE-2025-6463
creationtimestamp| type| source ---|---|--- 2025-07-02 08:22:13+00:00| seen| https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3lsxrqhqvcku2 2025-07-02 09:48:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxwphgtsn2s 2025-07-02 11:41:26+00:0...
CVE-2025-6463
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'entrydeleteuploadfiles' function in all versions up to, and including, 1.44.2. This makes it possible for...
CVE-2025-6463
The CVE-2025-6463 affects the WordPress Forminator Forms plugin (Contact/Payment/Custom Form Builder) versioned up to and including 1.44.2. The vulnerability arises from insufficient validation in entry_delete_upload_files, allowing unauthenticated attackers to inject arbitrary file paths into a ...