Lucene search
K

5 matches found

NVD
NVD
added 7 hours ago8 views

CVE-2026-58480

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the saveattachments function exposed through the Advanced Reviews feature. Attackers can...

9.8CVSS
Exploits0References4
CVE
CVE
added 8 hours ago6 views

CVE-2026-58480

Blocksy Companion Pro

9.8CVSS6.4AI score
Exploits0References4
EUVD
EUVD
added 8 hours ago4 views

EUVD-2026-42233

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the saveattachments function exposed through the Advanced Reviews feature. Attackers can...

9.8CVSS6.4AI score
Exploits0References4
NVD
NVD
added 2025/09/30 11:37 a.m.6 views

CVE-2025-9762

The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the saveattachments function in all versions up to, and including, 1.0.4b. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's...

9.8CVSS0.00678EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/30 12:0 a.m.8 views

WordPress plugin Post By Email Operating System Command Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

9.8CVSS6.2AI score0.00678EPSS
Exploits0References2
Rows per page
Query Builder