6 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Iqonic Wpbookit
šØ CVE-2025-6058 ā WordPress WPBookit ⤠1.0.4 Unauthenticated Fil...
CVE-2025-6058
creationtimestamp| type| source ---|---|--- 2025-07-12 19:00:08+00:00| published-proof-of-concept| Telegram/vQGaba-QVKaOvDSuX7y4y7EZTA90-d6xov3MefrlRfg 2025-07-13 03:00:05+00:00| published-proof-of-concept| Telegram/qSyMCObkKGA7Q7HpzeouiC5p1gyRUk9NSeKtBswwYL551E 2025-07-22 21:02:24+00:00| seen|...
Exploit for Unrestricted Upload of File with Dangerous Type in Iqonic Wpbookit
ā” WPBookit = 1.0.4 - Unauthenticated Arbitrary File Upload -...
CVE-2025-6058 WPBookit <= 1.0.4 - Unauthenticated Arbitrary File Upload
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the imageuploadhandle function hooked via the 'addbookingtype' route in all versions up to, and including, 1.0.4. This makes it possible for unauthenticated attackers to upload arbitra...
CVE-2025-6058
CVE-2025-6058 affects the WPBookit WordPress plugin, vulnerable up to version 1.0.4 due to missing file type validation in the image_upload_handle function invoked via the add_booking_type route. Unauthenticated attackers can upload arbitrary files to the target server, with potential remote code...
WordPress WPBookit plugin <= 1.0.4 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by stealthcopter in WordPress Plugin WPBookit versions = 1.0.4...