Lucene search
K

50 matches found

GithubExploit
GithubExploit
added 2026/06/13 1:43 p.m.111 views

Exploit for CVE-2026-1555

CVE-2026-1555: Unauthenticated Arbitrary File Upload in WebSta...

9.8CVSS5.3AI score0.00984EPSS
Exploits4
GithubExploit
GithubExploit
added 2026/06/08 10:34 a.m.136 views

Exploit for CVE-2026-1555

██████╗██╗ ██╗███████╗ ██████╗ ██████╗ ██████╗ █████...

9.8CVSS6.1AI score0.00984EPSS
Exploits4
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-1555

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS6.4AI score0.00984EPSS
Exploits4References1
EUVD
EUVD
added 2026/04/22 9:31 p.m.6 views

EUVD-2026-22830

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS6.5AI score0.00984EPSS
Exploits4References4
GithubExploit
GithubExploit
added 2026/04/17 10:3 p.m.168 views

Exploit for CVE-2026-1555

CVE-2026-1555 WebStack = 1.2024 - Unauthenticated Arbitrar...

9.8CVSS6AI score0.00984EPSS
Exploits4
Patchstack
Patchstack
added 2026/04/15 1:8 p.m.11 views

WordPress WebStack plugin <= 1.2024 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Chiao-Lin Yu Steven Meow - Trend Micro in WordPress Theme WebStack versions = 1.2024...

9.8CVSS5.8AI score0.00984EPSS
Exploits4References1Affected Software1
NVD
NVD
added 2026/04/15 4:17 a.m.6 views

CVE-2026-1555

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS0.00984EPSS
Exploits4References3
OSV
OSV
added 2026/04/15 3:37 a.m.4 views

CVE-2026-1555 WebStack <= 1.2024 - Unauthenticated Arbitrary File Upload

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS6.7AI score0.00984EPSS
Exploits4References5
CVE
CVE
added 2026/04/15 3:37 a.m.45 views

CVE-2026-1555

The WebStack WordPress theme is vulnerable to unauthenticated arbitrary file upload via the io_img_upload() function in all versions up to 1.2024. This allows attackers with no authentication to upload arbitrary files to the server, with the potential for remote code execution. Affected product: ...

9.8CVSS6.5AI score0.00984EPSS
Exploits4References3
Vulnrichment
Vulnrichment
added 2026/04/15 3:37 a.m.8 views

CVE-2026-1555 WebStack <= 1.2024 - Unauthenticated Arbitrary File Upload

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS6.5AI score0.00984EPSS
Exploits4References3
ATTACKERKB
ATTACKERKB
added 2026/04/15 3:37 a.m.7 views

CVE-2026-1555

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS6.5AI score0.00984EPSS
Exploits4References4
Cvelist
Cvelist
added 2026/04/15 3:37 a.m.33 views

CVE-2026-1555 WebStack <= 1.2024 - Unauthenticated Arbitrary File Upload

The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...

9.8CVSS0.00984EPSS
Exploits4References3
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.5 views

PT-2026-32996

Name of the Vulnerable Software and Affected Versions WebStack versions prior to 1.2025 Description The WebStack theme for WordPress allows unauthenticated attackers to upload arbitrary files to the server. This is caused by a lack of file type validation within the io img upload function, which...

9.8CVSS5.8AI score0.00984EPSS
Exploits4References8
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.12 views

WordPress plugin WebStack 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

9.8CVSS6.2AI score0.00984EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/12/02 7:22 a.m.5 views

CVE-2025-13811

A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing a manipulation of the argument sort can lead to sql injection. It is possible to launch the atta...

7.2CVSS6.4AI score0.00326EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/02 6:3 a.m.9 views

CVE-2025-13810

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The...

7.5CVSS6AI score0.00871EPSS
Exploits1References1
OSV
OSV
added 2025/12/01 7:16 a.m.6 views

CVE-2025-13811

A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing a manipulation of the argument sort can lead to sql injection. It is possible to launch the atta...

7.2CVSS5.7AI score0.00326EPSS
Exploits1References5
NVD
NVD
added 2025/12/01 7:16 a.m.3 views

CVE-2025-13810

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The...

7.5CVSS0.00871EPSS
Exploits1References5
OSV
OSV
added 2025/12/01 7:16 a.m.3 views

CVE-2025-13810

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of the file src/main/java/com/jsnjfz/manage/modular/system/controller/KaptchaController.java. Performing a manipulation results in path traversal. It is possible to initiate the attack remotely. The...

7.5CVSS5.5AI score0.00871EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/01 6:32 a.m.3 views

CVE-2025-13811 jsnjfz WebStack-Guns PageFactory.java sql injection

A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown code of the file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. Executing a manipulation of the argument sort can lead to sql injection. It is possible to launch the atta...

6.5CVSS6.4AI score0.00326EPSS
Exploits1References5
Rows per page
Query Builder