7 matches found
WordPress GB Forms DB plugin code injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code injection vulnerability exists in the WordPress GB Forms DB plugin that originates in the gbfdbtalktofront function that accepts user input and passes it through...
CVE-2025-5392
The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdbtalktofront function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for unauthenticated...
CVE-2025-5392
GB Forms DB plugin for WordPress ≤ 1.0.2 is vulnerable to unauthenticated remote code execution via gbfdb_talk_to_front() which passes user input to call_user_func, enabling attackers to execute code, inject backdoors, or create admin accounts. This is a critical flaw (CVSS v3.1: 9.8). Remediatio...
CVE-2025-5392 GB Forms DB <= 1.0.2 - Unauthenticated Remote Code Execution
The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdbtalktofront function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for unauthenticated...
CVE-2025-5392 GB Forms DB <= 1.0.2 - Unauthenticated Remote Code Execution
The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdbtalktofront function. This is due to the function accepting user input and then passing that through calluserfunc. This makes it possible for unauthenticated...
PT-2025-29211 · WordPress · Gb Forms Db
Name of the Vulnerable Software and Affected Versions: GB Forms DB plugin for WordPress versions up to and including 1.0.2 Description: The GB Forms DB plugin for WordPress is susceptible to Remote Code Execution via the gbfdb talk to front function. The function accepts user input and passes it...
WordPress plugin GB Forms DB 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A code injection vulnerability exists in the WordPress GB Forms DB plugin that originates in the gbfdbtalktofront function that accepts user input and passes it through...