CVE-2019-11680

KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a web shell as a product category image...

CVE-2025-23942

Unrestricted Upload of File with Dangerous Type vulnerability in ngocuct0912 WP Load Gallery wp-load-gallery allows Upload a Web Shell to a Web Server.This issue affects WP Load Gallery: from n/a through = 2.1.6...

CVE-2025-23968

Unrestricted Upload of File with Dangerous Type vulnerability in WebFactory AiBud WP aibuddy-openai-chatgpt allows Upload a Web Shell to a Web Server.This issue affects AiBud WP: from n/a through = 1.9...

CVE-2025-23921

Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web Server.This issue affects Multi Uploader for Gravity Forms: from n/a through = 1.1.3...

CVE-2022-31087

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...

CVE-2025-67924

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Corpkit corpkit allows Upload a Web Shell to a Web Server.This issue affects Corpkit: from n/a through = 2.0...

CVE-2025-67910

Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...

CVE-2025-67924

CVE-2025-67924 is a WordPress theme vulnerability affecting Corpkit (Corpkit – Business Consulting WordPress Theme)

CVE-2025-67924 WordPress Corpkit theme <= 2.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Corpkit corpkit allows Upload a Web Shell to a Web Server.This issue affects Corpkit: from n/a through = 2.0...

CVE-2025-67924 WordPress Corpkit theme <= 2.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Corpkit corpkit allows Upload a Web Shell to a Web Server.This issue affects Corpkit: from n/a through = 2.0...

CVE-2025-67910

The CVE-2025-67910 entry corresponds to an Unrestricted Upload of File with Dangerous Type vulnerability in the WordPress Contentstudio plugin (&lt;= 1.3.7). The affected component is the Contentstudio WordPress plugin, where the upload routine allows arbitrary file types, enabling a Web Shell up...

CVE-2025-67910 WordPress Contentstudio plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...

CVE-2025-67910 WordPress Contentstudio plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in contentstudio Contentstudio contentstudio allows Upload a Web Shell to a Web Server.This issue affects Contentstudio: from n/a through = 1.3.7...

CVE-2025-30996

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

PT-2026-1900

Name of the Vulnerable Software and Affected Versions zozothemes Corpkit versions n/a through 2.0 Description The software contains an unrestricted file upload issue that allows for the upload of a web shell to a web server. This allows for potentially malicious code execution. Recommendations...

WordPress plugin Contentstudio 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin Corpkit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2026-1888

Name of the Vulnerable Software and Affected Versions Contentstudio versions through 1.3.7 Description The software contains a flaw that permits the upload of files with dangerous types, potentially allowing an attacker to upload a web shell to a web server. Recommendations Update to a version...

CVE-2025-30996

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Sidepane WordPress Theme, Themify Themify Newsy, Themify Themify Folo, Themify Themify Edmin, Themify Bloggie, Themify Photobox, Themify Wigi, Themify Rezo, Themify Slide allows Upload a Web Shell to a Web Server.Thi...

CVE-2025-30996

CVE-2025-30996 concerns an Unrestricted Upload of File with Dangerous Type vulnerability in Themify WordPress themes/plugins, including Sidepane, Newsy, Folo, Edmin, Bloggie, Photobox, Wigi, Rezo and Slide. Red Hat and CIRCL entries confirm the issue affects Themify Sidepane, Newsy, Folo, Edmin, ...