4 matches found
CVE-2025-2006
The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-2006
creationtimestamp| type| source ---|---|--- 2025-03-29 07:28:42+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9537 2025-03-29 09:31:14+00:00| seen| Telegram/aF4xicIreuyE5yRRD33dmWV9qZXjTlaEQ3JU-sQx2NkHh1A 2025-03-29 09:48:30+00:00| seen|...
CVE-2025-2006 Inline Image Upload for BBPress <= 1.1.19 - Authenticated (Subscriber+) Arbitrary File Upload
The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-2006 Inline Image Upload for BBPress <= 1.1.19 - Authenticated (Subscriber+) Arbitrary File Upload
The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for authenticated attackers, with Subscriber-level...