Login Sign Up

CVE-2025-10916

9.1 CRITICAL

📋 TL;DR

The FormGent WordPress plugin before version 1.0.4 contains an arbitrary file deletion vulnerability due to insufficient file path validation. Unauthenticated attackers can exploit this to delete arbitrary files on the server, potentially causing service disruption or complete system compromise. All WordPress sites running FormGent plugin versions below 1.0.4 are affected.

💻 Affected Systems

Products:
  • FormGent WordPress Plugin
Versions: All versions before 1.0.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with FormGent plugin installed and activated.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through deletion of critical system files, leading to service disruption, data loss, or privilege escalation.

🟠

Likely Case

Website defacement or disruption through deletion of WordPress core files, themes, or plugins.

🟢

If Mitigated

Limited impact if proper file permissions and web application firewalls are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

No public exploit code available at time of analysis, but vulnerability is simple to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.0.4

Vendor Advisory: https://wpscan.com/vulnerability/81c23998-1abb-495f-890a-79624a4cab9a/

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find FormGent plugin and click 'Update Now'. 4. Verify version is 1.0.4 or higher.

🔧 Temporary Workarounds

Disable FormGent Plugin

all

Temporarily disable the vulnerable plugin until patched.

wp plugin deactivate formgent

Web Application Firewall Rule

all

Block requests to FormGent plugin endpoints.

🧯 If You Can't Patch

  • Remove FormGent plugin completely from the WordPress installation
  • Implement strict file permissions (755 for directories, 644 for files) to limit damage

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin panel → Plugins → Installed Plugins for FormGent version below 1.0.4.

Check Version:

wp plugin get formgent --field=version

Verify Fix Applied:

Confirm FormGent plugin version is 1.0.4 or higher in WordPress admin.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to FormGent plugin endpoints with file deletion parameters
  • 404 errors for critical system files

Network Indicators:

  • Unusual POST requests to /wp-content/plugins/formgent/ endpoints

SIEM Query:

source="web_server" AND (uri="/wp-content/plugins/formgent/*" AND method="POST")

📊 Metadata

CVE ID: CVE-2025-10916
CVSS v3 Score: 9.1 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score: 0.12% exploit probability (31.6th percentile)
Published: October 21, 2025
Last Updated: October 21, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON