EUVD-2017-3176

Malware in sbrugna...

EUVD-2024-52948

Malicious code in bioql PyPI...

EUVD-2024-44940

Malicious code in bioql PyPI...

CVE-2025-48300 WordPress Groundhogg plugin <= 4.2.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg groundhogg allows Upload a Web Shell to a Web Server.This issue affects Groundhogg: from n/a through = 4.2.1...

GHSA-P9QC-8JJX-G8CG Bolt CMS vulnerable to authenticated remote code execution

Bolt CMS versions 3.7.0 and earlier contain a chain of vulnerabilities that together allow an authenticated user to achieve remote code execution. A user with valid credentials can inject arbitrary PHP code into the displayname field of the user profile, which is rendered unsanitized in backend...

PT-2025-27822 · Unknown · Wpcenter Aibud Wp

Name of the Vulnerable Software and Affected Versions: WPCenter AiBud WP versions 1.8.5 and earlier Description: The issue affects WPCenter AiBud WP, allowing an unrestricted upload of a file with a dangerous type, which enables uploading a web shell to a web server. Recommendations: For versions...

PT-2025-22780 · Woocommerce · Storekeeper For Woocommerce

Name of the Vulnerable Software and Affected Versions: StoreKeeper for WooCommerce versions through 14.4.4 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and...

CVE-2017-11561

An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell...

PT-2025-22108 · Mojoomla · Wpams

Name of the Vulnerable Software and Affected Versions: mojoomla WPAMS versions prior to 44.0 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential...

PT-2025-20162 · Unknown · Themefic Beaf

Name of the Vulnerable Software and Affected Versions: Themefic BEAF versions through 4.6.10 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited to gain unauthorized access to the server...

Exploit for CVE-2025-39538

🛡️ CVE-2025-39538 - WordPress WP-Advanced-Search = 3.3.9.3 Ar...

PT-2025-17763 · Angelo Mandato · Powerpress Podcasting

Name of the Vulnerable Software and Affected Versions: Angelo Mandato PowerPress Podcasting versions prior to 11.12.6 Description: The issue allows attackers to upload dangerous files, potentially leading to the upload of a web shell to a web server. This can be exploited through unrestricted fil...

PT-2025-16653 · Kadence · Kadence Woocommerce Email Designer

Name of the Vulnerable Software and Affected Versions: Kadence WooCommerce Email Designer versions 1.5.14 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server. Recommendations: For...

PT-2025-15939 · WordPress · Insert/Embed Articulate Content

Name of the Vulnerable Software and Affected Versions: Insert or Embed Articulate Content into WordPress versions 4.3000000025 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can ...

Exploit for Unrestricted Upload of File with Dangerous Type in Webfulcreations Computer_Repair_Shop

🛡️ WordPress RepairBuddy Plugin Exploit 📜 CVE Information...

CVE-2024-56057

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplmsplugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9.5.2...

CVE-2024-50480

Unrestricted Upload of File with Dangerous Type vulnerability in azexo Marketing Automation by AZEXO marketing-automation-by-azexo allows Upload a Web Shell to a Web Server.This issue affects Marketing Automation by AZEXO: from n/a through = 1.27.80...

CVE-2025-23953

Unrestricted Upload of File with Dangerous Type vulnerability in Scriptonite user files user-files allows Upload a Web Shell to a Web Server.This issue affects user files: from n/a through = 2.4.2...

CVE-2025-23953 WordPress user files plugin <= 2.4.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Scriptonite user files user-files allows Upload a Web Shell to a Web Server.This issue affects user files: from n/a through = 2.4.2...

SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution

Exploit Title: SimpleMachinesForum v2.1.1 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 7th March 2022 CVE ID: CVE-2022-26982 Confirmed on release 2.1.1 Vendor: https://download.simplemachines.org/ Note- Once we insert the vulnerabl...