Lucene search
K

4 matches found

CVE
CVE
added 2025/11/18 8:27 a.m.15 views

CVE-2025-12528

CVE-2025-12528 concerns the Pie Forms for WP WordPress plugin (versions <= 1.6). The issue is an Arbitrary File Upload due to insufficient file-type validation: validate_classic checks extensions but does not stop the upload, enabling unauthenticated attackers to upload dangerous extensions (e...

8.1CVSS7.1AI score0.00574EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/11/18 8:27 a.m.8 views

CVE-2025-12528 Pie Forms for WP <= 1.6 - Unauthenticated Arbitrary File Upload

The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the formatclassic function. This is due to insufficient file type validation where the validateclassic method validates file extensions and sets error messages but does n...

8.1CVSS0.00574EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/11/18 8:27 a.m.4 views

CVE-2025-12528 Pie Forms for WP <= 1.6 - Unauthenticated Arbitrary File Upload

The Pie Forms for WP plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.6 via the formatclassic function. This is due to insufficient file type validation where the validateclassic method validates file extensions and sets error messages but does n...

8.1CVSS7.1AI score0.00574EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.6 views

PT-2025-47259

Name of the Vulnerable Software and Affected Versions Pie Forms for WP plugin for WordPress versions prior to 1.7 Description The Pie Forms for WP plugin for WordPress is susceptible to an Arbitrary File Upload issue through the format classic function. Insufficient file type validation within th...

8.1CVSS7.7AI score0.00574EPSS
Exploits0References8
Rows per page
Query Builder