39 matches found
PPTAgent: Arbitrary File Write + Directory Creation via markdown_table_to_image
Summary: The markdown_table_to_image tool accepts a caller-controlled path parameter and passes it directly to gethtmltableimage (pptagent/mcpserver.py:127-143): def markdown_table_to_image(markdowntable: str, path: str, css: str) -> str: """ Args: path (str): The file path where the image will be saved...
CVE-2026-28114
CVE-2026-28114 is a vulnerability in the WordPress plugin WooCommerce License Manager (fs-license-manager) affecting versions up to and including 7.0.6. It is an Arbitrary File Upload (Unrestricted Upload of File with Dangerous Type) that can enable a Web Shell upload to the web server. Attack re...
CVE-2025-68562
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server. This issue affects MapSVG: from n/a through 8.7.3...
CVE-2025-65806
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP (a ZIP containing another ZIP) where the inner archive contains an executable file (e.g. webshell.php). When the application extracts the uploaded archives, the executabl...
PT-2025-43278
Name of the Vulnerable Software and Affected Versions: 7oroof Medcity versions prior to 1.1.9 Description: The software contains a flaw that permits the upload of files with dangerous types. This allows for the upload of a web shell to a web server. Recommendations: Update to version 1.1.9 or later...
WordPress Plugin Wastia Theme Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plug-in. A security...
CVE-2025-35055
Newforma Info Exchange (NIX) contains a file-upload vulnerability in /UserWeb/Common/UploadBlueimp.ashx that allows an authenticated attacker to upload arbitrary files to writable locations, enabling web-shell execution or directory deletion. Related CNVD and Red Hat entries describe a broader ri...
EUVD-2024-45879
Malicious code in bioql PyPI...
CVE-2025-54693
Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block form-block allows Upload a Web Shell to a Web Server. This issue affects Form Block: from n/a through <= 1.5.5...
CVE-2025-49885 WordPress Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin <= 5.0.6 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme Drag and Drop Multiple File Upload Pro - WooCommerce drag-and-drop-file-upload-wc-pro allows Upload a Web Shell to a Web Server. This issue affects Drag and Drop Multiple File Upload Pro - WooCommerce: from n/a through =...
PT-2025-27112 · Unknown · Harutheme Drag/Drop Multiple File Upload +1
Name of the Vulnerable Software and Affected Versions: HaruTheme Drag and Drop Multiple File Upload Pro - WooCommerce versions through 5.0.6 Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling the upload of a web shell to a web server...
CVE-2025-49071 WordPress Flozen < 1.5.1 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a Web Shell to a Web Server. This issue affects Flozen: from n/a through n/a...
CVE-2025-47452 WordPress WP VR <= 8.5.26 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a Web Shell to a Web Server. This issue affects WP VR: from n/a through 8.5.26...
PT-2025-25688 · Unknown · Nasatheme Flozen
Name of the Vulnerable Software and Affected Versions: NasaTheme Flozen affected versions not specified Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and...
WordPress plugin StoreKeeper for WooCommerce Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...
PT-2025-22771
Name of the Vulnerable Software and Affected Versions: ELEX WordPress HelpDesk & Customer Ticketing System versions 3.2.7 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations...
PT-2025-22768 · Woocommerce · Printcart Web To Print Product Designer
Name of the Vulnerable Software and Affected Versions: Printcart Web to Print Product Designer for WooCommerce versions 2.3.8 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to...
CVE-2025-46264
CVE-2025-46264 (PowerPress Podcasting) is an Unrestricted Upload of Dangerous File vulnerability in the WordPress PowerPress Podcasting plugin. Affected: PowerPress Podcasting, versions up to 11.12.5. Impact: attacker can upload a web shell to the web server, enabling arbitrary file upload and po...
PT-2025-17162 · Joomsky · Joomsky Js Job Manager
Name of the Vulnerable Software and Affected Versions: JoomSky JS Job Manager versions n/a through 2.0.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations: For versions n/a through...
CVE-2025-39538 WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Mathieu Chartier WP-Advanced-Search allows Upload a Web Shell to a Web Server. This issue affects WP-Advanced-Search: from n/a through 3.3.9.3...