PT-2025-16653 · Kadence · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions 1.5.14 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. Recommendations: For...

CVE-2025-30967

Cross-Site Request Forgery CSRF vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server. This issue affects WPJobBoard: from n/a through n/a...

CVE-2025-26927

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-30967 WordPress WPJobBoard plugin < 5.11.1 - CSRF to Remote Code Execution (RCE) vulnerability

Cross-Site Request Forgery CSRF vulnerability in NotFound WPJobBoard wpjobboard allows Upload a Web Shell to a Web Server.This issue affects WPJobBoard: from n/a through 5.11.1...

CVE-2025-30967

CVE-2025-30967 is a CSRF-to-Remote Code Execution flaw in WP Job Board (notFound) affecting WP Job Board versions prior to 5.11.1. The advisory lists a high severity (CVSS 3.1: 9.6, Confidentiality/Integrity/Availability all High). Mitigation: upgrade to WP Job Board 5.11.1 or later, which patche...

CVE-2025-26927 WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-26927 WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes AI Hub aihub allows Upload a Web Shell to a Web Server.This issue affects AI Hub: from n/a through = 1.3.7...

CVE-2025-26927

CVE-2025-26927 : Unrestricted Upload of File with Dangerous Type in the AI Hub WordPress Theme (AI Hub:

WordPress plugin WPJobBoard 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

PT-2025-16535 · WordPress · Wpjobboard

Name of the Vulnerable Software and Affected Versions: WPJobBoard affected versions not specified Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows an attacker to upload a web shell to a web server. This can be achieved through exploiting the CSRF vulnerability...

WordPress plugin AI Hub 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

Exploit for Path Traversal in Igniterealtime Openfire

It is an offensive tool for Openfire. This repository contains a...

Exploit for Code Injection in Ispconfig

CVE-2023-46818-Exploit This is my own exploit for CVE-2023-468...

CVE-2025-32579

Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through = 1.0...

CVE-2025-32140

Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote Thumbnail wp-remote-thumbnail allows Upload a Web Shell to a Web Server.This issue affects WP Remote Thumbnail: from n/a through = 1.3.2...

CVE-2025-32206

Unrestricted Upload of File with Dangerous Type vulnerability in LABCAT Processing Projects processing-projects allows Upload a Web Shell to a Web Server.This issue affects Processing Projects: from n/a through = 1.0.2...

CVE-2025-32496

Cross-Site Request Forgery CSRF vulnerability in Uncodethemes Ultra Demo Importer ut-demo-importer allows Upload a Web Shell to a Web Server.This issue affects Ultra Demo Importer: from n/a through = 1.0.5...

CVE-2025-32576

Cross-Site Request Forgery CSRF vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows Upload a Web Shell to a Web Server.This issue affects WP shop: from n/a through = 2.6.1...

Exploit for CVE-2025-32206

CVE-2025-32206 - WordPress Processing Projects "Unrestricted...

CVE-2025-32579

Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through = 1.0...