CVE-2025-8871
BaseFortify
Publication date: 2025-11-05
Last updated on: 2025-11-06
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| everest_forms | everest_forms | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a PHP Object Injection in the Everest Forms (Pro) WordPress plugin versions up to 1.9.7. It occurs due to unsafe deserialization of untrusted input in the mime_content_type() function. An unauthenticated attacker can exploit this when a form on the site includes a non-required signature field and an image upload field. However, exploitation requires the presence of a gadget chain (POP chain) from another plugin or theme, and it only affects PHP versions prior to 8.
How can this vulnerability impact me? :
If exploited with a suitable POP chain from another plugin or theme, an attacker could delete arbitrary files, retrieve sensitive data, or execute arbitrary code on the affected system. Without such a POP chain, this vulnerability has no impact.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately update the Everest Forms (Pro) plugin to a version later than 1.9.7 where the issue is fixed. Additionally, ensure that your PHP version is 8 or higher, as the vulnerability is only exploitable in PHP versions prior to 8. Review installed plugins and themes for potential POP chains that could be exploited in conjunction with this vulnerability, and remove or update them as necessary.