Lucene search
K

52 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:50 a.m.9 views

CVE-2024-5630

The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...

8.8CVSS7AI score0.00675EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:54 a.m.5 views

CVE-2023-0255

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...

8.8CVSS6.9AI score0.01096EPSS
Exploits2References1
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.13 views

WordPress plugin StoreKeeper for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

10CVSS8.5AI score0.00372EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.7 views

PT-2025-22771

Name of the Vulnerable Software and Affected Versions ELEX WordPress HelpDesk & Customer Ticketing System versions 3.2.7 and earlier Description The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations...

9.9CVSS9.1AI score0.0035EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.11 views

PT-2025-22768 · Woocommerce · Printcart Web To Print Product Designer

Name of the Vulnerable Software and Affected Versions: Printcart Web to Print Product Designer for WooCommerce versions 2.3.8 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to...

10CVSS9.5AI score0.00359EPSS
Exploits0References4
CVE
CVE
added 2025/04/24 4:8 p.m.61 views

CVE-2025-46264

CVE-2025-46264 (PowerPress Podcasting) is an Unrestricted Upload of Dangerous File vulnerability in the WordPress PowerPress Podcasting plugin. Affected: PowerPress Podcasting, versions up to 11.12.5. Impact: attacker can upload a web shell to the web server, enabling arbitrary file upload and po...

9.9CVSS7.2AI score0.00347EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/17 12:0 a.m.10 views

PT-2025-17162 · Joomsky · Joomsky Js Job Manager

Name of the Vulnerable Software and Affected Versions: JoomSky JS Job Manager versions n/a through 2.0.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations: For versions n/a through...

10CVSS9.5AI score0.00403EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/16 12:45 p.m.19 views

CVE-2025-39538 WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3...

6.6CVSS7AI score0.00437EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/16 12:45 p.m.22 views

CVE-2025-39538 WordPress WP-Advanced-Search plugin <= 3.3.9.4 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search wp-advanced-search allows Upload a Web Shell to a Web Server.This issue affects WP-Advanced-Search: from n/a through = 3.3.9.4...

6.6CVSS0.00437EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/11 8:42 a.m.26 views

CVE-2025-32579 WordPress Sync Posts Plugin <= 1.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in SoftClever Limited Sync Posts sync-posts allows Upload a Web Shell to a Web Server.This issue affects Sync Posts: from n/a through = 1.0...

9.9CVSS0.00682EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:9 p.m.7 views

CVE-2024-52490

Unrestricted Upload of File with Dangerous Type vulnerability in pathomation Pathomation pathomation allows Upload a Web Shell to a Web Server.This issue affects Pathomation: from n/a through = 2.5.1...

10CVSS7.4AI score0.00562EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/07 12:0 a.m.4 views

PT-2025-2645 · Unknown · Themeglow Jobboard

Name of the Vulnerable Software and Affected Versions: ThemeGlow JobBoard Job listing versions 1.2.6 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading a...

10CVSS9.5AI score0.00515EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/12/31 12:53 p.m.8 views

CVE-2024-56046 WordPress WPLMS plugin <= 1.9.9 - Unauthenticated Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9...

10CVSS9.4AI score0.00743EPSS
Exploits0References1
CVE
CVE
added 2024/12/18 6:52 p.m.50 views

CVE-2024-56057

CVE-2024-56057 affects the WPLMS plugin for WordPress (WPLMS

9.9CVSS7.4AI score0.00542EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.7 views

PT-2024-36143 · Woocommerce · Import Export For Woocommerce

Name of the Vulnerable Software and Affected Versions: Import Export For WooCommerce versions 1.5 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation...

9.9CVSS6.9AI score0.0143EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2024/11/16 12:0 a.m.6 views

PT-2024-35244 · Unknown · B-Banner Slider

Name of the Vulnerable Software and Affected Versions: B-Banner Slider versions 1.1 and earlier Description: The issue is related to an unrestricted upload of files with dangerous types, allowing an attacker to upload a web shell to a web server. This poses a severe cybersecurity risk...

9.9CVSS9.4AI score0.00478EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/11/14 12:0 a.m.9 views

PT-2024-35209 · Webtechglobal · Webtechglobal Easy Csv Importer

Name of the Vulnerable Software and Affected Versions: WebTechGlobal Easy CSV Importer BETA versions n/a through 7.0.0 Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. This poses a significant...

10CVSS9.4AI score0.00496EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/11/04 12:0 a.m.12 views

PT-2024-34302 · Unknown · Woocommerce +1

Name of the Vulnerable Software and Affected Versions: Plug your WooCommerce into the largest catalog of customized print products from Helloprint versions n/a through 2.0.2 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of file with...

10CVSS7.3AI score0.00501EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/11/04 12:0 a.m.9 views

PT-2024-34303

Name of the Vulnerable Software and Affected Versions: Multi Purpose Mail Form versions n/a through 1.0.2 Description: The issue allows users to upload dangerous files, potentially leading to a web server compromise by uploading a web shell. This can happen due to an unrestricted upload of file...

10CVSS5.2AI score0.00611EPSS
Exploits2References11
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.5 views

PT-2024-34261 · Unknown · Mahlamusa Multi Purpose Mail Form

Name of the Vulnerable Software and Affected Versions: Mahlamusa Multi Purpose Mail Form versions 1.0.2 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server. Recommendations: For...

10CVSS6.9AI score0.00496EPSS
Exploits0References4
Rows per page
Query Builder