Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

FormGent

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2026-22460
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-8.6||HIGH
EPSS-0.07% / 21.96%
||
7 Day CHG~0.00%
Published-05 Mar, 2026 | 05:53
Updated-28 Apr, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress FormGent plugin <= 1.7.0 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpWax FormGent formgent allows Path Traversal.This issue affects FormGent: from n/a through <= 1.7.0.

Action-Not Available
Vendor-wpWax
Product-FormGent
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2025-10916
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-9.1||CRITICAL
EPSS-0.14% / 33.14%
||
7 Day CHG-0.01%
Published-21 Oct, 2025 | 06:00
Updated-21 Oct, 2025 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FormGent < 1.0.4 - Unauthenticated Arbitrary File Deletion

The FormGent WordPress plugin before 1.0.4 is vulnerable to arbitrary file deletion due to insufficient file path validation. This makes it possible for unauthenticated attackers to delete arbitrary files on the server.

Action-Not Available
Vendor-Unknown
Product-FormGent
CWE ID-CWE-73
External Control of File Name or Path