CVE-2025-12352 | Rocketgenius Gravity Forms Plugin up to 2.9.20 on WordPress copy_post_image unrestricted upload

Inserito da Angelo Barbosa | Nov 6, 2025 | CVE

A vulnerability classified as critical has been found in Rocketgenius Gravity Forms Plugin up to 2.9.20 on WordPress. Affected by this vulnerability is the function copy_post_image. The manipulation leads to unrestricted upload.

This vulnerability is listed as CVE-2025-12352. The attack may be initiated remotely. There is no available exploit.

CVE-2025-12352 | Rocketgenius Gravity Forms Plugin up to 2.9.20 on WordPress copy_post_image unrestricted upload

Post correlati

CVE-2024-24910 | Check Point ZoneAlarm Extreme Security NextGen on Windows permission assignment

CVE-2025-46805 | GNU screen Signal socket.c CheckPid race condition

CVE-2023-5457 | AiLux imx6 up to 1.0.7-1 product released in non-release configuration

CVE-2023-3758 | sssd GPO Policy race condition