CVE-2025-22723

Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server.This issue affects Barcode Scanner with...

CVE-2025-22723 WordPress Barcode Scanner and Inventory manager plugin <= 1.6.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server.This issue affects Barcode Scanner with...

CVE-2025-22723

CVE-2025-22723 concerns the UkrSolution Barcode Scanner with Inventory & Order Manager (Barcode Scanner plugin). The issue is an unrestricted upload of a file with a dangerous type, enabling an attacker to upload a web shell to the web server. Impact is described as high/high in the CVE metrics (...

CVE-2025-22723 WordPress Barcode Scanner and Inventory manager plugin <= 1.6.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server.This issue affects Barcode Scanner with...

PT-2025-4650 · Ukrsolution · Ukrsolution Barcode Scanner With Inventory & Order Manager

Name of the Vulnerable Software and Affected Versions: UkrSolution Barcode Scanner with Inventory & Order Manager versions 1.6.7 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can...

CVE-2025-23922

Cross-Site Request Forgery CSRF vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through = 1.0...

CVE-2025-23922 WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through = 1.0...

CVE-2025-23922

CVE-2025-23922 concerns the WordPress iSpring Embedder plugin

CVE-2025-23922 WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through = 1.0...

CVE-2025-22782

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through = 1.0.8...

CVE-2025-22782 WordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Remote Code Execution (RCE) vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through 1.0.8...

CVE-2025-22782 WordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Remote Code Execution (RCE) vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through = 1.0.8...

PT-2025-4697 · WordPress · Wr Price List Manager For Woocommerce

Name of the Vulnerable Software and Affected Versions: WR Price List Manager For Woocommerce versions 1.0.0 through 1.0.8 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of files with dangerous types. This can lead to significant...

Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data...

Investigating A Web Shell Intrusion With Trend Micro Managed XDR

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data...

Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR

This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data...

Exploit for Stack-based Buffer Overflow in Ivanti Connect_Secure

CVE-2025-0282-Ivanti-exploit CVE-2025-0282 is a critical vulne...

CVE-2025-22504

Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms 4ecps-webforms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through = 0.2.18...

CVE-2025-22504 WordPress 4ECPS Web Forms Plugin <= 0.2.18 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms 4ecps-webforms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through = 0.2.18...

CVE-2025-22504

CVE-2025-22504 involves the 4ECPS Web Forms plugin. It is an Unrestricted Upload of File with Dangerous Type vulnerability that permits uploading a web shell to the server. Public details indicate affected software: 4ECPS Web Forms versions from unspecified start to 0.2.18. The CVE is linked to a...