WordPress EM Beer Manager plugin <= 3.2.3 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by kr0d in WordPress Plugin EM Beer Manager versions = 3.2.3...

CVE-2025-11724 EM Beer Manager <= 3.2.3 - Authenticated (Subscriber+) Arbitrary File Upload

The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote code execution in all versions up to, and including, 3.2.3. This is due to missing file type validation in the EMBMAdminUntappdImportimage function and missing authorization checks on the...

CVE-2025-11724

CVE-2025-11724 – EM Beer Manager (WordPress) : Vulnerable to authenticated (Subscriber+) arbitrary file upload leading to remote code execution in all versions up to and including 3.2.3 due to missing file type validation in EMBM_Admin_Untappd_Import_image() and missing authorization checks on th...

CVE-2025-11724 EM Beer Manager <= 3.2.3 - Authenticated (Subscriber+) Arbitrary File Upload

The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote code execution in all versions up to, and including, 3.2.3. This is due to missing file type validation in the EMBMAdminUntappdImportimage function and missing authorization checks on the...

WordPress plugin EM Beer Manager 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

PT-2025-44936

Name of the Vulnerable Software and Affected Versions EM Beer Manager plugin for WordPress versions through 3.2.3 Description The EM Beer Manager plugin for WordPress is susceptible to arbitrary file upload, potentially leading to remote code execution. This is a result of inadequate file type...