Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/14 5:18 a.m.7 views

CVE-2025-6057

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handleimageupload function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

8.8CVSS7.3AI score0.00642EPSS
Exploits0References1
NVD
NVD
added 2025/07/12 5:15 a.m.9 views

CVE-2025-6057

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handleimageupload function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

8.8CVSS0.00642EPSS
Exploits0References4
Circl
Circl
added 2025/07/12 4:46 a.m.13 views

CVE-2025-6057

creationtimestamp| type| source ---|---|--- 2025-07-12 04:46:52+00:00| seen| https://bsky.app/profile/potato.software/post/3ltqkirzmiy24...

8.8CVSS4.8AI score0.00642EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/12 4:22 a.m.7 views

CVE-2025-6057 WPBookit <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File Upload

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the handleimageupload function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

8.8CVSS8AI score0.00642EPSS
Exploits0References4
Rows per page
Query Builder