CVE-2025-4208 | NEX-Forms Plugin up to 8.9.1 on WordPress call_user_func privilege escalation

Inserito da Angelo Barbosa | Mag 8, 2025 | CVE

A vulnerability, which was classified as critical, was found in NEX-Forms Plugin up to 8.9.1 on WordPress. Affected is the function call_user_func. The manipulation leads to privilege escalation.

This vulnerability is traded as CVE-2025-4208. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-4208 | NEX-Forms Plugin up to 8.9.1 on WordPress call_user_func privilege escalation

Post correlati

CVE-2023-33036 | Qualcomm 8 Gen 1 Mobile Platform Hypervisor denial of service

CVE-2024-56220 | SSL Wireless SMS Notification Plugin up to 3.5.0 on WordPress privileges assignment

CVE-2024-0593 | Simple Job Board Plugin up to 2.10.8 on WordPress authorization

CVE-2024-21501 | sanitize-html up to 2.12.0 Style Attribute information disclosure