CVE-2025-32496

CVE-2025-32496 is an Unpatched CSRF to Remote Code Execution in the WordPress plugin Ultra Demo Importer (versions up to 1.0.5). The vulnerability allows an attacker to perform CSRF to execute a web shell on the server, as documented in the vulnerability listing. The CVSSv3.1 base score is 9.6 (C...

CVE-2025-32496 WordPress Ultra Demo Importer plugin <= 1.0.5 - CSRF to RCE vulnerability

Cross-Site Request Forgery CSRF vulnerability in Uncodethemes Ultra Demo Importer ut-demo-importer allows Upload a Web Shell to a Web Server.This issue affects Ultra Demo Importer: from n/a through = 1.0.5...

CVE-2025-32576 WordPress WP shop plugin <= 2.6.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Agence web Eoxia - Montpellier WP shop allows Upload a Web Shell to a Web Server. This issue affects WP shop: from n/a through 2.6.0...

CVE-2025-32576 WordPress WP shop plugin <= 2.6.1 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows Upload a Web Shell to a Web Server.This issue affects WP shop: from n/a through = 2.6.1...

WordPress plugin WP shop 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

PT-2025-15794 · Unknown · Agence Web Eoxia - Montpellier Wp Shop

Name of the Vulnerable Software and Affected Versions: Agence web Eoxia - Montpellier WP shop versions n/a through 2.6.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows an attacker to upload a web shell to a web server. This can be achieved through exploiting...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

JSP Web Shell Uploader A simple Python tool for uploading a basi...

CVE-2025-31577

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

CVE-2025-31577

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

CVE-2025-31577

CVE-2025-31577 (Appointify) Unrestricted Upload of File with Dangerous Type in Appointify, allowing an authenticated admin to upload a Web Shell to the web server. Affected software: Appointify (WordPress plugin) up to version 1.0.8. The cited CVSS data (3.1) indicates a base score of 6.6 (Medium...

CVE-2025-31577 WordPress Appointify plugin <= 1.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

CVE-2025-31577 WordPress Appointify plugin <= 1.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

WordPress plugin Appointify 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

MoziloCMS 3.0 - Remote Code Execution (RCE)

Exploit Title: MoziloCMS 3.0 - Remote Code Execution RCE Date: 10/09/2024 Exploit Author: Secfortress https://github.com/sec-fortress Vendor Homepage: https://mozilo.de/ Software Link: https://github.com/moziloDasEinsteigerCMS/mozilo3.0/archive/refs/tags/3.0.1.zip Version: 3.0 Tested on: Debian...

Exploit for Unrestricted Upload of File with Dangerous Type in Webfulcreations Computer_Repair_Shop

🛡️ WordPress RepairBuddy Plugin Exploit 📜 CVE Information...

Exploit for CVE-2024-49653

📜 WordPress Portfolleo Plugin Exploit CVE-2024-49653 🚨 V...

CVE-2025-2396

The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

Exploit for CVE-2024-52402

🚀 Exploit for CVE-2024-52402: WordPress Exclusive Content Pass...

Exploit for CVE-2024-56249

🛠️ WordPress Master Toolkit Exploit CVE-2024-56249 🌟 Ove...

CVE-2025-2396

The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...