Platform: wordpress
Component: gb-forms-db
Fixed in: 1.0.3
CVE-2025-5392 is a critical unauthenticated Remote Code Execution (RCE) vulnerability in the GB Forms DB plugin for WordPress. The flaw lies in the plugin's gbfdb_talk_to_front() function, which handles user-supplied input unsafely and lets an unauthenticated attacker execute arbitrary code on the server. Versions 1.0.0 through 1.0.2 are affected; version 1.0.3 contains the fix.
Successful exploitation gives the attacker code execution with the privileges of the web server user. From there they can take over the site, exfiltrate data, install malware or web shells, deface pages, steal user data including login credentials, and create additional administrator accounts for persistent access. Because no authentication is required, anyone who can reach the site over the network can attempt the attack.
CVE-2025-5392 was publicly disclosed on 2025-07-11. Because the bug is easy to trigger, public proof-of-concept (PoC) code can be expected to appear quickly. The CVSS base score is 9.8 (critical). The vulnerability was not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of this writing; patching should be prioritized regardless.
Any site running GB Forms DB 1.0.0 through 1.0.2 is exposed. Installations where the site owner does not control plugin updates (common on shared hosting) or where automatic updates are disabled are the most likely to remain unpatched, and sites with weak general hardening are easier to compromise fully once code execution is obtained.
Detection

• wordpress / composer / npm (installed copy on disk):
grep -r 'gbfdb_talk_to_front(' /var/www/html/wp-content/plugins/gb-forms-db/
A hit confirms the plugin is installed but does not establish the version: the fix changes how the function handles input rather than removing it, so the name is also present in patched releases. Check the Version header of the plugin's main file or the WordPress admin Plugins page.
• generic web (remote, if the plugin's readme.txt is web-readable):
curl -s https://your-wordpress-site.com/wp-content/plugins/gb-forms-db/readme.txt | grep -i 'stable tag'
A Stable tag of 1.0.2 or lower indicates an unpatched install. (The original check, a HEAD request grepped for the function name, cannot work: response headers never contain PHP function names.)

Disclosure: 2025-07-11
Exploit status: not stated
EPSS: 0.64% (70th percentile)
CISA SSVC: not stated
CVSS vector: not stated (base score 9.8)
The primary mitigation for CVE-2025-5392 is to upgrade the GB Forms DB plugin to version 1.0.3 or later immediately. If upgrading is not feasible right away because of compatibility concerns, deactivate the plugin until it can be upgraded. As a short-term workaround only, restrict and sanitize the input reaching gbfdb_talk_to_front() and add Web Application Firewall (WAF) rules that block requests targeting that function with suspicious payloads; neither replaces the patch. Monitor web server and WordPress logs for unusual requests against the plugin's files. After upgrading, confirm that the installed version reads 1.0.3 or later (in the WordPress admin Plugins page or the plugin's Version header); if you want to verify behaviour with a test payload, do so against a staging copy rather than the production site.
Update the GB Forms DB plugin to version 1.0.3 or later to mitigate the remote code execution vulnerability. This update changes how the gbfdb_talk_to_front() function handles user input, preventing unauthorized code execution.
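The version check described above, as an added example (not code from this advisory or from the GB Forms DB plugin): it reads the "Version:" header that WordPress plugin main files carry and compares it against the fixed release with a component-wise comparison, so that 1.0.10 is correctly ranked above 1.0.3. It assumes the plugin lives in wp-content/plugins/gb-forms-db/ and that its main file is gb-forms-db.php; both are assumptions to verify on your install. The demo runs on constructed sample headers so it works offline.

```shell
#!/bin/sh
# Added example, not code from the advisory or from the GB Forms DB plugin.
# Reads the "Version:" header of a WordPress plugin main file and compares it
# with the fixed release (1.0.3) using only POSIX sed/awk.
# Assumptions (verify on your install): the plugin directory is
# wp-content/plugins/gb-forms-db/ and its main file is gb-forms-db.php.

FIXED_VERSION="1.0.3"

# Print the version from a plugin header line such as " * Version: 1.0.2".
plugin_version() {
    sed -n 's/^[[:space:]*]*Version:[[:space:]]*\([0-9][0-9.]*\).*/\1/p' "$1" | head -n 1
}

# Succeed (exit 0) when dotted version $1 is strictly lower than $2,
# comparing numerically component by component (1.0.10 > 1.0.3).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            ai = (i <= na) ? x[i] + 0 : 0
            bi = (i <= nb) ? y[i] + 0 : 0
            if (ai < bi) exit 0
            if (ai > bi) exit 1
        }
        exit 1
    }'
}

# Print VULNERABLE, PATCHED or UNKNOWN for one plugin main file.
plugin_status() {
    ver=$(plugin_version "$1")
    if [ -z "$ver" ]; then
        echo UNKNOWN
    elif version_lt "$ver" "$FIXED_VERSION"; then
        echo VULNERABLE
    else
        echo PATCHED
    fi
}

# Stand-alone demo on constructed sample headers (not real plugin files).
demo() {
    tmpdir=$(mktemp -d)
    printf '<?php\n/*\n * Plugin Name: GB Forms DB\n * Version: 1.0.2\n */\n' > "$tmpdir/old.php"
    printf '<?php\n/*\n * Plugin Name: GB Forms DB\n * Version: 1.0.3\n */\n' > "$tmpdir/new.php"
    for f in "$tmpdir/old.php" "$tmpdir/new.php"; do
        echo "$(plugin_status "$f") $f ($(plugin_version "$f"))"
    done
    rm -rf "$tmpdir"
}
demo
# On a real install (assumed main file name):
# plugin_status /var/www/html/wp-content/plugins/gb-forms-db/gb-forms-db.php
```

The header-based check is only as good as the file on disk: a site that was already compromised may have a tampered header, so treat PATCHED as a necessary, not sufficient, condition and still review logs and file integrity.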
CVE-2025-5392 is a critical Remote Code Execution vulnerability in the GB Forms DB WordPress plugin, allowing attackers to execute code on the server.
You are affected if you run GB Forms DB versions 1.0.0 through 1.0.2. Check the installed version (WordPress admin Plugins page or the plugin's Version header) and upgrade immediately.
Upgrade the GB Forms DB plugin to version 1.0.3 or later. If upgrading is not possible, disable the plugin temporarily.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of exploitation.
Refer to the GB Forms official website and WordPress plugin repository for the latest advisory and update information.