CVE-2025-4208 | NEX-Forms Plugin up to 8.9.1 on WordPress call_user_func privilege escalation

Inserito da Angelo Barbosa | Mag 8, 2025 | CVE

A vulnerability, which was classified as critical, was found in NEX-Forms Plugin up to 8.9.1 on WordPress. Affected is the function call_user_func. The manipulation leads to privilege escalation.

This vulnerability is traded as CVE-2025-4208. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4208 | NEX-Forms Plugin up to 8.9.1 on WordPress call_user_func privilege escalation

Post correlati

CVE-2023-47162 | IBM Sterling Secure Proxy 6.0.3/6.1.0 Web UI cross site scripting (XFDB-270973)

CVE-2024-40475 | SourceCodester Best House Rental Management System 1.0 payment_report.php access control

CVE-2023-41961 | Intel GPA Software prior 2023.3 uncontrolled search path (intel-sa-00831)

CVE-2024-48310 | AutoLib OPAC 20.10 API Key information disclosure