17 matches found
EUVD-2025-198850
Malicious code in @strapbuild/react-native-perspective-image-cropper-poojan31 npm...
EUVD-2025-198851
Malicious code in @strapbuild/react-native-perspective-image-cropper-2 npm...
EUVD-2025-198718
Malicious code in @strapbuild/react-native-perspective-image-cropper npm...
CVE-2025-11391
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to uplo...
EUVD-2025-34973
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to uplo...
CVE-2025-11391
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to uplo...
CVE-2025-11391 PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated Arbitrary File Upload
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to uplo...
CVE-2025-11391 PPOM – Product Addons & Custom Fields for WooCommerce <= 33.0.15 - Unauthenticated Arbitrary File Upload
The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the image cropper functionality in all versions up to, and including, 33.0.15. This makes it possible for unauthenticated attackers to uplo...
CVE-2025-11391
The CVE-2025-11391 issue affects the PPOM – Product Addons & Custom Fields for WooCommerce WordPress plugin (all products up to 33.0.15). The root cause is missing file type validation in the image cropper, allowing unauthenticated arbitrary file uploads on vulnerable sites, with potential remote...
PT-2025-42696
Name of the Vulnerable Software and Affected Versions PPOM – Product Addons & Custom Fields for WooCommerce versions through 33.0.15 Description The PPOM – Product Addons & Custom Fields for WooCommerce plugin for WordPress has a flaw related to file handling. Specifically, the image cropper...
WordPress Background Image Cropper 1.2 Shell Upload
Exploit Title: Wordpress Plugin Background Image Cropper v1.2 - Remote Code Execution Date: 2024-04-16 Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL Vendor Homepage: https://wordpress.org Software Link:...
Advanced Form Builder 2.0 Arbitrary File Upload
==================================================================================================================================== | Title : Advanced Form builder v 2.0 File Upload Image Cropper Take Photo System unrestricted file upload Vulnerability | | Author : indoushka | | Tested on :...
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13260/info CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'image-editor-52.php' script...
CityPost PHP Image Editor M3 URI Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13258/info CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'image-editor-52.php' script...
CityPost PHP Image Editor M1 URI Parameter Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13256/info CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'image-editor-52.php' script...
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/13260/info CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application...
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/13257/info CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerability. This issue is due to a failure in the application...