CVE-2025-23942
CVE-2025-23942 affects the NgocCode WP Load Gallery WordPress plugin up to version 2.1.6. The vulnerability is Unrestricted Upload of File with Dangerous Type, enabling an attacker (with WordPress Author+ account per source) to upload a web shell to the server. CVSS 3.1 metrics indicate NETWORK e...