3 matches found
CVE-2025-5061
creationtimestamp| type| source ---|---|--- 2025-08-05 10:31:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lvnixh5xkn2j...
CVE-2025-5061
The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpieparseuploaddata' function in all versions up to, and including, 3.9.29. This makes it possible for authenticated attackers, with Subscriber-level access and above...
CVE-2025-5061
CVE-2025-5061 affects WordPress plugin WP Import Export Lite (versions ≤ 3.9.29). The vulnerability arises from missing file type validation in the wpie_parse_upload_data function, enabling authenticated users with Subscriber-level access (and those granted by an Administrator) to upload arbitrar...