CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Upload a Web Shell to a Web Server.This issue affects BEAF: from n/a through = 4.6.10...

9.1CVSS7.2AI score0.00469EPSS

Exploits1References1

NVD•added 2025/05/07 3:16 p.m.•13 views

CVE-2025-47549

9.1CVSS0.00469EPSS

Exploits1References1

OSV•added 2025/05/07 3:16 p.m.•1 views

CVE-2025-47549

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF allows Upload a Web Shell to a Web Server. This issue affects BEAF: from n/a through 4.6.10...

7.2CVSS5.8AI score0.00469EPSS

Exploits1References3

CVE•added 2025/05/07 2:20 p.m.•71 views

CVE-2025-47549

CVE-2025-47549: WordPress BEAF (Ultimate Before After Image Slider & Gallery)

9.1CVSS7.2AI score0.00469EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2025/05/07 12:0 a.m.•8 views

PT-2025-20162 · Unknown · Themefic Beaf

Name of the Vulnerable Software and Affected Versions: Themefic BEAF versions through 4.6.10 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the server...

9.1CVSS9.5AI score0.00469EPSS

Exploits1References7

NVD•added 2024/04/15 9:15 a.m.•8 views

CVE-2024-32433

Cross-Site Request Forgery CSRF vulnerability in Themefic BEAF beaf-before-and-after-gallery.This issue affects BEAF: from n/a through = 4.5.4...

4.3CVSS4.6AI score0.002EPSS

Exploits0References2

CVE•added 2024/04/15 8:38 a.m.•54 views

CVE-2024-32433

CVE-2024-32433 is a Cross-Site Request Forgery vulnerability in the BEAF (Ultimate Before After Image Slider & Gallery) WordPress plugin, affecting BEAF versions up to 4.5.4. The vulnerability is described as a CSRF that can affect the notice dismissal flow, enabling an attacker to cause a logged...

4.3CVSS5.9AI score0.002EPSS

Exploits0References2