CVE-2025-8420 – WordPress Request a Quote Form Plugin Remote Code Execution Vulnerability

August 6, 2025

CVE ID : CVE-2025-8420

Published : Aug. 6, 2025, 3:15 a.m. | 20 hours, 29 minutes ago

Description : The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version less than, or equal to, 2.5.2 via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6994 – Smartdatasoft WordPress Reveal Listing Plugin Privilege Escalation

Next Article CVE-2025-54634 – KVM Huge Page Separation Abnormal Condition Processing Vulnerability

Highlights

CVE-2025-3994 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2025-3994

Published : April 28, 2025, 1:15 a.m. | 1 hour, 49 minutes ago

Description : A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been classified as problematic. Affected is an unknown function of the file /home.htm of the component IP Port Filtering. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Error’d: You Talkin’ to Me?

The Psychology Of Trust In AI: A Guide To Measuring And Designing For User Confidence

This week in AI updates: OpenAI Codex updates, Claude integration in Xcode 26, and more (September 19, 2025)

Report: The major factors driving employee disengagement in 2025

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Development Release: Zorin OS 18 Beta

Distribution Release: IPFire 2.29 Core 197

@ts-ignore is almost always the worst option

@ts-ignore is almost always the worst option

MutativeJS v1.3.0 is out with massive performance gains

Student Performance Prediction System using Python Machine Learning (ML)

DistroWatch Weekly, Issue 1140

DistroWatch Weekly, Issue 1140

Distribution Release: DietPi 9.17

Hyprland Made Easy: Preconfigured Beautiful Distros

CVE-2025-8420 – WordPress Request a Quote Form Plugin Remote Code Execution Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CodeSOD: The XML Dating Service

Buona Pasqua 2025 a tutti i GNU/Linuxari

A Minecraft Movie has set a record in the UK that will take some beating — it’s all thanks to “Steve’s Lava Chicken”

Deltarune Chapters 3 and 4 are finally here with a full release that’s blowing up Steam right now — I’m finally ready to play the Undertale follow-up

CVE-2025-3994 – TOTOLINK N150RT Cross-Site Scripting Vulnerability

CVE-2022-50225 – RISC-V Linux Kernel Uprobe SR SPIE Handling Vulnerability

CVE-2025-37878 – Linux Kernel Perf Core Context Assignment Vulnerability

A Deep Dive into Building Enterprise grade Generative AI Solutions

CVE-2025-8420 – WordPress Request a Quote Form Plugin Remote Code Execution Vulnerability

Related Posts