9 matches found
WordPress Auto Thumbnailer plugin <= 1.0 - Authenticated (Contributor+) Arbitrary File Upload vulnerability
Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by kr0d in WordPress Plugin Auto Thumbnailer versions = 1.0...
CVE-2025-12154
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload...
CVE-2025-12154
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload...
EUVD-2025-201365
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload...
CVE-2025-12154 Auto Thumbnailer <= 1.0 - Authenticated (Contributor+) Arbitrary File Upload
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload...
CVE-2025-12154
CVE-2025-12154 (Auto Thumbnailer, WordPress) The vulnerability is an authenticated arbitrary file upload flaw in the Auto Thumbnailer plugin, affecting versions up to 1.0. The uploadThumb() function lacks proper file-type validation, enabling attackers with Contributor+ privileges to upload arbit...
CVE-2025-12154 Auto Thumbnailer <= 1.0 - Authenticated (Contributor+) Arbitrary File Upload
The Auto Thumbnailer plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadThumb function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload...
PT-2025-49203
Name of the Vulnerable Software and Affected Versions Auto Thumbnailer WordPress plugin versions prior to 1.0. Description The Auto Thumbnailer plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation within the uploadThumb function. This allows...
WordPress plugin Auto Thumbnailer 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...