4 matches found
CVE-2025-3491
creationtimestamp| type| source ---|---|--- 2025-04-26 06:08:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13570 2025-04-26 06:12:57+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnp3eqeyuwa2 2025-04-26...
CVE-2025-3491
The WordPress Add custom page template plugin (vulnerable
CVE-2025-3491 Add custom page template <= 2.0.1 - Authenticated (Administrator+) PHP Code Injection to Remote Code Execution
The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.0.1 via the 'acptvalidatesetting' function. This is due to insufficient sanitization of the 'templatename' parameter. This makes it possib...
WordPress Add custom page template plugin <= 2.0.1 - Authenticated (Administrator+) PHP Code Injection to Remote Code Execution vulnerability
Authenticated Administrator+ PHP Code Injection to Remote Code Execution vulnerability discovered by ch4r0n in WordPress Plugin Add custom page template versions = 2.0.1...