79 matches found
CVE-2025-67910
Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...
CVE-2025-67910
Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...
CVE-2025-67910
The CVE-2025-67910 entry corresponds to an Unrestricted Upload of File with Dangerous Type vulnerability in the WordPress Contentstudio plugin (<= 1.3.7). The affected component is the Contentstudio WordPress plugin, where the upload routine allows arbitrary file types, enabling a Web Shell up...
CVE-2025-67910 WordPress Contentstudio plugin <= 1.3.7 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...
CVE-2025-67910 WordPress Contentstudio plugin <= 1.3.7 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...
WordPress plugin Contentstudio 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-1888
Name of the Vulnerable Software and Affected Versions Contentstudio versions through 1.3.7 Description The software contains a flaw that permits the upload of files with dangerous types, potentially allowing an attacker to upload a web shell to a web server. Recommendations Update to a version...
WordPress ContentStudio plugin <= 1.3.7 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Contentstudio versions = 1.3.7...
WordPress ContentStudio plugin <= 1.3.7 - Authenticated (Author+) Arbitrary File Upload vulnerability
Authenticated Author+ Arbitrary File Upload vulnerability discovered by kr0d in WordPress Plugin Contentstudio versions = 1.3.7...
WordPress Contentstudio plugin <= 1.3.7 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Contentstudio versions = 1.3.7...
CVE-2025-12181
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstuupdatepost function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrar...
CVE-2025-13144
The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the addcstusettings function. This makes it possible for unauthenticated attackers to modify plugin settings v...
CVE-2025-13144
The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the addcstusettings function. This makes it possible for unauthenticated attackers to modify plugin settings v...
CVE-2025-12181
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstuupdatepost function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrar...
CVE-2025-12181 ContentStudio <= 1.3.7 - Authenticated (Author+) Arbitrary File Upload
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstuupdatepost function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrar...
CVE-2025-12181
ContentStudio plugin for WordPress (versions up to and including 1.3.7) is vulnerable to arbitrary file uploads due to missing file type validation in cstu_update_post(). Authenticated attackers with Author-level access or higher can upload arbitrary files to the server, potentially enabling remo...
CVE-2025-12181 ContentStudio <= 1.3.7 - Authenticated (Author+) Arbitrary File Upload
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstuupdatepost function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrar...
EUVD-2025-201376
The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cstuupdatepost function in all versions up to, and including, 1.3.7. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrar...
EUVD-2025-201385
The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the addcstusettings function. This makes it possible for unauthenticated attackers to modify plugin settings v...
CVE-2025-13144 ContentStudio <= 1.3.7 - Cross-Site Request Forgery to Settings Update
The ContentStudio plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.7. This is due to missing or insufficient nonce validation on the addcstusettings function. This makes it possible for unauthenticated attackers to modify plugin settings v...