CVE-2025-11499
The CVE-2025-11499 entry concerns the Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent WordPress plugin. Affected component: set_featured_image_from_external_url(), with missing file type validation across all versions up to and including 1.1.32. Consequence: unauthen...