CVE-2025-23942

Unrestricted Upload of File with Dangerous Type vulnerability in ngocuct0912 WP Load Gallery wp-load-gallery allows Upload a Web Shell to a Web Server.This issue affects WP Load Gallery: from n/a through = 2.1.6...

EUVD-2025-18540

Malicious code in bioql PyPI...

EUVD-2024-45864

Malicious code in bioql PyPI...

EUVD-2024-42907

Malicious code in bioql PyPI...

EUVD-2025-15773

Malicious code in bioql PyPI...

EUVD-2025-2944

Malicious code in bioql PyPI...

EUVD-2024-43287

Malicious code in bioql PyPI...

EUVD-2025-2785

Malicious code in bioql PyPI...

EUVD-2023-35419

Malicious code in bioql PyPI...

EUVD-2024-45865

Malicious code in bioql PyPI...

EUVD-2025-12067

Malicious code in bioql PyPI...

EUVD-2025-10449

Malicious code in bioql PyPI...

CVE-2025-54443

Samsung Electronics MagicINFO 9 Server contains a path traversal vulnerability (CVE-2025-54443) that allows uploading a web shell due to improper restriction of restricted directory pathnames. Affected versions are MagicINFO 9 Server prior to 21.1080.0. Impact is described as potential remote cod...

CVE-2025-48300

CVE-2025-48300 relates to Groundhogg (WordPress plugin) with an Unrestricted Upload of File with Dangerous Type that enables uploading a web shell on the server. Affected: Groundhogg versions up to and including 4.2.1. Reported exploitation vectors are not detailed in the provided sources; the CV...

CVE-2025-49444

Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor reformer-elementor allows Upload a Web Shell to a Web Server.This issue affects Reformer for Elementor: from n/a through = 1.0.5...

CVE-2025-49071 WordPress Flozen < 1.5.1 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen flozen-theme allows Upload a Web Shell to a Web Server.This issue affects Flozen: from n/a through 1.5.1...

CVE-2025-47452

CVE-2025-47452 concerns RexTheme WP VR (WP VR) with an Unrestricted Upload of File with Dangerous Type vulnerability, allowing a Web Shell upload on servers running WP VR up to version 8.5.26. The vulnerability arises from an unsafe file upload handling in WP VR, affecting versions through 8.5.26...

CVE-2025-47658

Unrestricted Upload of File with Dangerous Type vulnerability in ELEXtensions ELEX WordPress HelpDesk & Customer Ticketing System elex-helpdesk-customer-support-ticket-system allows Upload a Web Shell to a Web Server.This issue affects ELEX WordPress HelpDesk & Customer Ticketing System: from n/a...

CVE-2025-47637

Unrestricted Upload of File with Dangerous Type vulnerability in STAGGS STAGGS staggs allows Upload a Web Shell to a Web Server.This issue affects STAGGS: from n/a through = 2.11.0...

CVE-2025-31916 WordPress JP Students Result Management System Premium plugin 1.1.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in joy2012bd JP Students Result Management System Premium allows Upload a Web Shell to a Web Server. This issue affects JP Students Result Management System Premium: from 1.1.7 through n/a...