CVE-2025-69118

Unauthenticated Local File Inclusion in CopyPress = 1.4.5 versions...

CVE-2025-69118 WordPress CopyPress theme <= 1.4.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in CopyPress = 1.4.5 versions...

CVE-2025-69118

Technical details about CVE-2025-69118, including exploit vectors, affected WordPress CopyPress theme

WordPress CopyPress theme <= 1.4.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme CopyPress versions = 1.4.5...

WordPress Copypress Rest API plugin code execution vulnerability

WordPress Copypress Rest API plugin plugin is used to extend the functionality of WordPress plugin , by providing a RESTful interface to achieve data interaction . A code execution vulnerability exists in the WordPress Copypress Rest API plugin, which stems from the use of a hard-coded JWT signin...

Exploit for CVE-2025-8625

CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configura...

CVE-2025-8625

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreaphandleimage Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachment...

CVE-2025-8625

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreaphandleimage Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachment...

CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configurable JWT Secret and File-Type Validation to Unauthenticated Remote Code Execution

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreaphandleimage Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachment...

CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configurable JWT Secret and File-Type Validation to Unauthenticated Remote Code Execution

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via copyreaphandleimage Function in versions 1.1 to 1.2. The plugin falls back to a hard-coded JWT signing key when no secret is defined and does not restrict which file types can be fetched and saved as attachment...

CVE-2025-8625

The Copypress Rest API plugin for WordPress (versions 1.1–1.2) is vulnerable to Remote Code Execution due to a hard-coded JWT signing key when no secret is configured and lack of file-type validation, allowing unauthenticated attackers to forge tokens and upload arbitrary files (e.g., PHP shells)...

WordPress Copypress Rest API plugin 1.1-1.2 - Unauthenticated Remote Code Execution vulnerability

Unauthenticated Remote Code Execution vulnerability discovered by kr0d in WordPress Plugin Copypress Rest API versions 1.1-1.2...

WordPress plugin Copypress Rest API 安全漏洞

WordPress Copypress Rest API plugin plugin is used to extend the functionality of WordPress plugin , by providing a RESTful interface to achieve data interaction . A code execution vulnerability exists in the WordPress Copypress Rest API plugin, which stems from the use of a hard-coded JWT signin...

PT-2025-39945

Name of the Vulnerable Software and Affected Versions Copypress Rest API plugin for WordPress versions 1.1 through 1.2 Description The Copypress Rest API plugin for WordPress is susceptible to Remote Code Execution through the copyreap handle image function. The plugin utilizes a hard-coded JWT...