3 matches found
CVE-2025-0357
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'WPBProfilecontroller::handleimageupload' function in versions up to, and including, 1.6.9. This makes it possible for unauthenticated attackers to upload arbitrary files on t...
CVE-2025-0357
creationtimestamp| type| source ---|---|--- 2025-01-25 01:59:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113886520322110551 2025-01-25 02:05:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3044 2025-01-25 03:47:27+00:00| seen| https://t.me/cvedetector/16356 2025-01-25...
CVE-2025-0357
The CVE-2025-0357 entry concerns the WordPress WPBookit plugin (versions up to 1.6.9). The underlying issue is insufficient file type validation in the function WPB_Profile_controller::handle_image_upload, permitting unauthenticated arbitrary file uploads on affected sites and potentially enablin...