Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/26 4:7 a.m.20 views

CVE-2025-4336

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the setfile function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

9.8CVSS8.2AI score0.01125EPSS
Exploits2References1
Circl
Circl
added 2025/05/24 4:1 a.m.22 views

CVE-2025-4336

creationtimestamp| type| source ---|---|--- 2025-05-24 04:01:22+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lpvb2dbzl3w2 2025-05-24 06:50:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lpvkkrzh632q...

9.8CVSS7AI score0.01125EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/05/24 3:37 a.m.24 views

CVE-2025-4336 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the setfile function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

8.1CVSS0.01125EPSS
Exploits2References7
Vulnrichment
Vulnrichment
added 2025/05/24 3:37 a.m.13 views

CVE-2025-4336 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file()

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the setfile function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

8.1CVSS8.2AI score0.01125EPSS
Exploits2References7
CVE
CVE
added 2025/05/24 3:37 a.m.78 views

CVE-2025-4336

The CVE describes an unauthenticated arbitrary file upload in the eMagicOne Store Manager for WooCommerce WordPress plugin (versions

9.8CVSS8.6AI score0.01125EPSS
Exploits2References7Affected Software1
Patchstack
Patchstack
added 2025/05/23 10:8 p.m.9 views

WordPress eMagicOne Store Manager for WooCommerce plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload via set_file() vulnerability

Unauthenticated Arbitrary File Upload via setfile vulnerability discovered by Ryan Kozak in WordPress Plugin eMagicOne Store Manager versions = 1.2.5...

9.8CVSS6.7AI score0.01125EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder