Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/07/26 4:31 a.m.12 views

CVE-2025-7852

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the imageuploadhandle function hooked via the 'addnewcustomer' route in all versions up to, and including, 1.0.6. The plugin’s image‐upload handler calls moveuploadedfile on...

9.8CVSS7.6AI score0.01207EPSS
Exploits1References1
CVE
CVE
added 2025/07/24 4:24 a.m.46 views

CVE-2025-7852

CVE-2025-7852 : The WPBookit WordPress plugin is vulnerable to unauthenticated arbitrary file uploads due to missing file type validation in image_upload_handle(), exploited via the add_new_customer route. Affected versions are up to and including 1.0.6. The upload handler uses move_uploaded_file...

9.8CVSS7.5AI score0.01207EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/24 4:24 a.m.15 views

CVE-2025-7852 WPBookit <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle Function

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the imageuploadhandle function hooked via the 'addnewcustomer' route in all versions up to, and including, 1.0.6. The plugin’s image‐upload handler calls moveuploadedfile on...

9.8CVSS0.01207EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/07/24 4:24 a.m.6 views

CVE-2025-7852 WPBookit <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle Function

The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the imageuploadhandle function hooked via the 'addnewcustomer' route in all versions up to, and including, 1.0.6. The plugin’s image‐upload handler calls moveuploadedfile on...

9.8CVSS7.6AI score0.01207EPSS
Exploits1References4
Patchstack
Patchstack
added 2025/07/23 9:3 p.m.16 views

WordPress WPBookit plugin <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle Function vulnerability

Unauthenticated Arbitrary File Upload via imageuploadhandle Function vulnerability discovered by theviper17y in WordPress Plugin WPBookit versions = 1.0.6...

9.8CVSS6.8AI score0.01207EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder