CVE-2025-5392 – “WordPress GB Forms DB Remote Code Execution”

July 11, 2025

CVE ID : CVE-2025-5392

Published : July 11, 2025, 7:15 a.m. | 2 hours, 14 minutes ago

Description : The GB Forms DB plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the gbfdb_talk_to_front() function. This is due to the function accepting user input and then passing that through call_user_func(). This makes it possible for unauthenticated attackers to execute code on the server which can be leverage to inject backdoors or create new administrative user accounts to name a few things.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5992 – Qt QColorTransferGenericFunction ICC Profile Denial of Service

Next Article CVE-2025-5028 – ESET Windows Installation File Privilege Escalation Vulnerability

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

JFrog finds MCP-related vulnerability, highlighting need for stronger focus on security in MCP ecosystem

8 Key Questions Every CEO Should Ask Before Hiring a Node.js Development Company in 2025

Vibe Loop: AI-native reliability engineering for the real world

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

This fantastic Xbox remake of a classic Atlus JRPG we gave a perfect review score to is now 49% cheaper — Don’t miss the deadline for this Amazon Prime Day deal, which ends today

HP’s discount on one of the most powerful gaming laptops on the planet is absolutely UNBEATABLE — but you only have a few hours to get one!

The details of TC39’s last meeting

The details of TC39’s last meeting

Francisco Bergeret Paves the Way Through Strong Leadership at Perficient

Intelligent Automation in the Healthcare Sector with n8n, OpenAI, and Pinecone

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

One of Atlus’ best Xbox JRPGs that puts modern Final Fantasy games to shame is now on a 45% discount — This is your last chance to seize it as the Amazon Day Prime closes today

Don’t waste the LAST 24 hours of Amazon Prime Day sales buying a MacBook — buy this much better Windows laptop instead!

This fantastic Xbox remake of a classic Atlus JRPG we gave a perfect review score to is now 49% cheaper — Don’t miss the deadline for this Amazon Prime Day deal, which ends today

CVE-2025-5392 – “WordPress GB Forms DB Remote Code Execution”

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

CVE-2025-4450 – D-Link DIR-619L Remote Buffer Overflow Vulnerability

CVE-2025-46735 – Terraform WinDNS Provider Authenticated Command Injection

CVE-2025-6373 – D-Link DIR-619L Stack-Based Buffer Overflow Vulnerability

Google Ends Remote Work for Many: Return to Office or Leave

Why I recommend this flagship TCL TV over OLED models that cost more (and don’t regret it)

CVE-2025-4014 – PHPGurukul Art Gallery Management System SQL Injection Vulnerability

International Operation Targets Qakbot Hacker, $24M in Crypto Seized

CVE-2025-49763 – Apache Traffic Server ESI Plugin Remote Memory Consumption Vulnerability

CVE-2025-5392 – “WordPress GB Forms DB Remote Code Execution”

Related Posts