CVE-2025-8420 – WordPress Request a Quote Form Plugin Remote Code Execution Vulnerability

August 6, 2025

CVE ID : CVE-2025-8420

Published : Aug. 6, 2025, 3:15 a.m. | 20 hours, 29 minutes ago

Description : The Request a Quote Form plugin for WordPress is vulnerable to Remote Code Execution in version less than, or equal to, 2.5.2 via the emd_form_builder_lite_pagenum function. This is due to the plugin not properly validating user input before using it as a function name. This makes it possible for unauthenticated attackers to execute code on the server, however, parameters can not be passed to the functions called.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6994 – Smartdatasoft WordPress Reveal Listing Plugin Privilege Escalation

Next Article CVE-2025-54634 – KVM Huge Page Separation Abnormal Condition Processing Vulnerability

Automating Design Systems: Tips And Resources For Getting Started

OpenAI releases two open weight reasoning models

Accelerate tool adoption with a developer experimentation framework

UX Job Interview Helpers

Yes, you can edit video like a pro on Linux – here are my 4 go-to apps

I tried Perplexity’s new reservation feature, and it surprised me with new dining spots to try

Your Samsung TV is getting a huge feature upgrade – 3 AI tools launching right now

This multi-card reader is one of the best investments I’ve made for my creative workflow

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Fluent Object Operations with Laravel’s Enhanced Helper Utilities

Record and Replay Requests With Laravel ChronoTrace

How to Write Media Queries in Optimizely Configured Commerce (Spire)

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Battlefield 6 Developers Confirm AI Bots Will Auto-fill Servers If Player Count Drops

Canon imageFORMULA R40 Driver for Windows 11, 10 (Download)

Microsoft to End Support for Visual Studio 2015 This October

CVE-2025-8420 – WordPress Request a Quote Form Plugin Remote Code Execution Vulnerability

ESET Threat Report H1 2025: ClickFix, infostealer disruptions, and ransomware deathmatch

CISA Adds 3 D-Link Vulnerabilities to KEV Catalog Amid Active Exploitation Evidence

CitrixBleed 2 might be actively exploited (CVE-2025-5777)

CVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

Veo3.bot: Free Access to Google Veo 3 AI Video Generation with Native Audio

7 clever iPhone USB-C port tricks every user should know

Trump to Google, Microsoft: Stop Hiring in India, Focus on American Workers

The New Hacker’s List and an Old Debate: Would you Hire a Hacker?

CVE-2025-6282 – Xlang-ai OpenAgents Path Traversal Vulnerability

CVE-2025-4193 – iSourcecode Restaurant Management System SQL Injection

CVE-2025-8420 – WordPress Request a Quote Form Plugin Remote Code Execution Vulnerability

Related Posts