CVE-2025-11889 — The AIO Forms – Craft Complex Forms Easily plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import functionality in all versions up to, and inclu — CVE Database · The Intelligence Room