Lucene search
+L

6 matches found

GithubExploit
GithubExploit
added 2025/04/27 3:3 p.m.590 views

Exploit for Unrestricted Upload of File with Dangerous Type in Aeropage Aeropage_Sync_For_Airtable

CVE-2025-3914 - Arbitrary File Upload in Aeropage Sync for A...

8.8CVSS9.3AI score0.11399EPSS
Exploits1
NVD
NVD
added 2025/04/26 6:15 a.m.45 views

CVE-2025-3914

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropagemediadownloader' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access a...

8.8CVSS0.11399EPSS
Exploits1References5
Circl
Circl
added 2025/04/26 6:8 a.m.25 views

CVE-2025-3914

creationtimestamp| type| source ---|---|--- 2025-04-26 06:08:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13569 2025-04-26 06:12:57+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnp3emts6jl2 2025-04-26 07:48:23+00:00| seen|...

8.8CVSS8.7AI score0.11399EPSS
Exploits1References6
CVE
CVE
added 2025/04/26 5:34 a.m.101 views

CVE-2025-3914

The Aeropage Sync for Airtable WordPress plugin (≤ 3.2.0) is affected by an arbitrary file upload vulnerability caused by missing file-type validation in the aeropage_media_downloader function. Authenticated users with Subscriber-level access or higher can upload arbitrary files to the server, wi...

8.8CVSS8.9AI score0.11399EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/26 5:34 a.m.13 views

CVE-2025-3914 Aeropage Sync for Airtable <= 3.2.0 - Authenticated (Subscriber+) Arbitrary File Upload

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropagemediadownloader' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access a...

8.8CVSS8.9AI score0.11399EPSS
Exploits1References5
Patchstack
Patchstack
added 2025/04/25 9:33 p.m.12 views

WordPress Aeropage Sync for Airtable plugin <= 3.2.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Cheng Liu in WordPress Plugin Aeropage Sync for Airtable versions = 3.2.0...

8.8CVSS8.4AI score0.11399EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder