Lucene search
K

9 matches found

CNVD
CNVD
added 2025/06/17 12:0 a.m.4 views

WordPress Axle Demo Importer plugin file upload vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Axle Demo Importer plugin that stems from an unverified uploaded file, which can be exploited by an attacker to cause arbitra...

8.8CVSS7.1AI score0.00507EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/06/12 6:20 a.m.8 views

CVE-2025-4954

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...

8.8CVSS8.7AI score0.00507EPSS
Exploits1References1
OSV
OSV
added 2025/06/10 6:15 a.m.3 views

CVE-2025-4954

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...

8.8CVSS5.8AI score0.00507EPSS
Exploits1References1
NVD
NVD
added 2025/06/10 6:15 a.m.8 views

CVE-2025-4954

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...

8.8CVSS0.00507EPSS
Exploits1References1
CVE
CVE
added 2025/06/10 6:0 a.m.59 views

CVE-2025-4954

The CVE-2025-4954 entry concerns the WordPress plugin Axle Demo Importer (up to version 1.0.3). The vulnerability arises because the plugin does not validate uploaded files, allowing authenticated users (author level and above) to upload arbitrary files such as PHP to the server. This is stated d...

8.8CVSS6.6AI score0.00507EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/06/10 6:0 a.m.11 views

CVE-2025-4954 Axle Demo Importer <= 1.0.3 - Author+ Arbitrary File Upload

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...

0.00507EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/10 6:0 a.m.5 views

CVE-2025-4954 Axle Demo Importer <= 1.0.3 - Author+ Arbitrary File Upload

The Axle Demo Importer WordPress plugin through 1.0.3 does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...

7.1AI score0.00507EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.6 views

WordPress plugin Axle Demo Importer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A file upload vulnerability exists in the WordPress Axle Demo Importer plugin that stems from an unverified uploaded file, which can be exploited by an attacker to cause arbitra...

8.8CVSS7AI score0.00507EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.5 views

PT-2025-24617 · WordPress · Axle Demo Importer

Name of the Vulnerable Software and Affected Versions: Axle Demo Importer version 1.0.3 Description: The Axle Demo Importer WordPress plugin does not validate files to be uploaded, which could allow authenticated users author and above to upload arbitrary files such as PHP on the server...

8.8CVSS8.6AI score0.00507EPSS
Exploits1References8
Rows per page
Query Builder