Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2025/07/03 12:0 a.m.7 views

WordPress Forminator Plugin < 1.44.3 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:incsub:forminator"; ifdescription...

8.8CVSS6.3AI score0.10538EPSS
Exploits0References2
Circl
Circl
added 2025/07/02 9:28 a.m.9 views

CVE-2025-6464

creationtimestamp| type| source ---|---|--- 2025-07-02 09:28:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsxvlnnhlh2l...

8.8CVSS7.3AI score0.00469EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/02 5:29 a.m.5 views

CVE-2025-6464 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated PHP Object Injection (PHAR) Triggered via Administrator Form Submission Deletion

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.44.2 via deserialization of untrusted input in the 'entrydeleteuploadfiles' function. This makes it possible for unauthenticat...

7.5CVSS7.8AI score0.00469EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/07/01 10:53 p.m.8 views

WordPress Forminator plugin <= 1.44.2 - Unauthenticated PHP Object Injection (PHAR) Triggered via Administrator Form Submission Deletion vulnerability

Unauthenticated PHP Object Injection PHAR Triggered via Administrator Form Submission Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Forminator versions = 1.44.2...

8.8CVSS7.1AI score0.00469EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder