Lucene search
+L

5 matches found

NVD
NVD
added 2025/05/15 4:16 a.m.16 views

CVE-2025-3917

The 百度站长SEO合集支持百度/神马/Bing/头条推送 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the downloadremoteimagetomedialibrary function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS0.0074EPSS
Exploits0References4
CVE
CVE
added 2025/05/15 3:21 a.m.62 views

CVE-2025-3917

The CVE-2025-3917 entry concerns the WordPress plugin 百度站长SEO合集 (SEO Baidu Bing etc.)

9.8CVSS8.1AI score0.0074EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/15 3:21 a.m.27 views

CVE-2025-3917 百度站长SEO合集(支持百度/神马/Bing/头条推送) <= 2.0.6 - Unauthenticated Arbitrary File Upload

The 百度站长SEO合集支持百度/神马/Bing/头条推送 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the downloadremoteimagetomedialibrary function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS0.0074EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/05/15 3:21 a.m.11 views

CVE-2025-3917 百度站长SEO合集(支持百度/神马/Bing/头条推送) <= 2.0.6 - Unauthenticated Arbitrary File Upload

The 百度站长SEO合集支持百度/神马/Bing/头条推送 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the downloadremoteimagetomedialibrary function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to upload arbitrary...

9.8CVSS8AI score0.0074EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/05/14 9:16 p.m.6 views

WordPress 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin <= 2.0.6 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by theviper17y in WordPress Plugin 百度站长SEO合集支持百度/神马/Bing/头条推送 versions = 2.0.6...

9.8CVSS8.4AI score0.0074EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder