PT-2025-40026 · Undefined · Undefined
Khaled Alenazi
·
Published
2025-09-30
·
Updated
2025-10-26
·
CVE-2025-10916
CVSS v3.1
9.1
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
FormGent WordPress plugin versions prior to 1.0.4
Description
The FormGent WordPress plugin is affected by a flaw that allows for the deletion of arbitrary files. This is due to inadequate validation of file paths, enabling unauthenticated attackers to delete files on the server.
Recommendations
Update the FormGent WordPress plugin to version 1.0.4 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Undefined