Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Wordfence Blog
Wordfence Blogadded 2026/04/06 4:1 p.m.2 views

50,000 WordPress Sites affected by Arbitrary File Upload Vulnerability in Ninja Forms – File Upload WordPress Plugin

On January 8th, 2026, we received a submission for an Arbitrary File Upload vulnerability in Ninja Forms - File Upload, a WordPress plugin with an estimated 50,000 active installations. This vulnerability makes it possible for an unauthenticated attacker to upload arbitrary files to a vulnerable...

9.8CVSS6.7AI score0.21968EPSS
Exploits6
Github Security Blog
Github Security Blogadded 2025/08/22 9:31 p.m.5 views

Liferay Portal users can upload an unlimited amount of files

Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...

6.5CVSS6.8AI score0.0011EPSS
Exploits0References5Affected Software2
CVE
CVEadded 2025/08/22 6:43 p.m.15 views

CVE-2025-43762

CVE-2025-43762 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.1 (also 2024 Qx releases), where forms upload allows an unlimited number of files to be stored in document_library, enabling a potential DDoS. Concrete details available: vulnerable components include form upl...

6.5CVSS6.8AI score0.0011EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder