Vulnerability Database

319,478

Total vulnerabilities in the database

CVE-2025-10916

The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

Published: Oct 21, 2025
Updated: Nov 17, 2025
CVE: CVE-2025-10916
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.1
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://wpscan.com/vulnerability/81c23998-1abb-495f-890a-79624a4cab9a/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo