CVE-2025-6464 | Forminator Forms Plugin up to 1.44.2 on WordPress PHAR File Parser entry_delete_upload_files deserialization

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability was found in Forminator Forms Plugin up to 1.44.2 on WordPress. It has been declared as critical. This vulnerability affects the function entry_delete_upload_files of the component PHAR File Parser. The manipulation leads to deserialization.

This vulnerability was named CVE-2025-6464. The attack can be initiated remotely. There is no exploit available.

CVE-2025-6464 | Forminator Forms Plugin up to 1.44.2 on WordPress PHAR File Parser entry_delete_upload_files deserialization

Post correlati

CVE-2024-46372 | DedeCMS 5.7.115 Advertisement Management Module cross site scripting

CVE-2024-53473 | WeGIA up to 3.2.0 Password Change permission (Issue 791)

CVE-2024-0932 | Tenda AC10U 15.03.06.49_multi_TDE01 setSmartPowerManagement time stack-based overflow

CVE-2024-55218 | IceWarp Server 10.2.1 meta cross site scripting