CVE-2025-6464 | Forminator Forms Plugin up to 1.44.2 on WordPress PHAR File Parser entry_delete_upload_files deserialization

Inserito da Angelo Barbosa | Lug 1, 2025 | CVE

A vulnerability was found in Forminator Forms Plugin up to 1.44.2 on WordPress. It has been declared as critical. This vulnerability affects the function entry_delete_upload_files of the component PHAR File Parser. The manipulation leads to deserialization.

This vulnerability was named CVE-2025-6464. The attack can be initiated remotely. There is no exploit available.

CVE-2025-6464 | Forminator Forms Plugin up to 1.44.2 on WordPress PHAR File Parser entry_delete_upload_files deserialization

Post correlati

CVE-2024-1002 | Totolink N200RE 9.3.5u.6139_B20201216 /cgi-bin/cstecgi.cgi setIpPortFilterRules ePort stack-based overflow

CVE-2025-41441 | Synck Graphica Mailform Pro CGI up to 4.3.3 information exposure

CVE-2024-1618 | Faronics Deep Freeze Server Standard up to 8.30.020.4627 DFServ.exe unquoted search path

CVE-2024-9270 | Lenxel Core for Lenxel LMS Plugin up to 1.1 on WordPress SVG File Upload cross site scripting