CVE-2025-12974
BaseFortify
Publication date: 2025-11-18
Last updated on: 2025-11-18
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gravity_forms | gravity_forms | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Gravity Forms plugin for WordPress, where the legacy chunked upload mechanism lacks proper file type validation. Specifically, the extension blacklist does not include .phar files, allowing unauthenticated attackers to upload executable .phar files. If the web server is configured to process .phar files as PHP, attackers can achieve remote code execution by discovering or enumerating the upload path.
How can this vulnerability impact me? :
This vulnerability can allow unauthenticated attackers to upload and execute malicious .phar files on the server, potentially leading to remote code execution. This can result in full compromise of the affected server, including unauthorized access, data theft, data modification, or disruption of services.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update the Gravity Forms plugin to a version later than 2.9.21.1 where the issue is fixed. Additionally, review and restrict file upload mechanisms to ensure proper file type validation, especially blocking .phar files. Also, verify your web server configuration to prevent processing of .phar files as PHP to reduce risk of remote code execution.