CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/03/25 4:14 p.m.•8 views

CVE-2026-32482

CVE-2026-32482 affects WordPress Ona theme versions prior to 1.24. The issue is Unrestricted Upload of File with Dangerous Type, allowing an attacker to upload a web shell to the web server via the Ona plugin/theme. Relevant sources report a high-severity CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR...

9.9CVSS5.8AI score0.00063EPSS

ATTACKERKB•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-32482

Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through 1.24...

5.8AI score0.00063EPSS

Cvelist•added 2026/03/25 4:14 p.m.•23 views

CVE-2026-32482 WordPress Ona theme < 1.24 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through 1.24...

9.9CVSS0.00063EPSS

Positive Technologies•added 2026/03/25 12:0 a.m.•3 views

PT-2026-28038

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow Photo Engine wplr-sync allows Upload a Web Shell to a Web Server.This issue affects Photo Engine: from n/a through = 6.4.9...

5.8AI score0.00059EPSS

Positive Technologies•added 2026/03/25 12:0 a.m.•1 views

PT-2026-27998

Name of the Vulnerable Software and Affected Versions deothemes Ona versions prior to 1.24 Description The software contains a flaw related to unrestricted file upload with a dangerous file type. This allows for the upload of a web shell to a web server. Recommendations Update to a version newer...

9.9CVSS5.9AI score0.00063EPSS

Exploits0References3

CNNVD•added 2026/03/25 12:0 a.m.•3 views

WordPress plugin Ona 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.9CVSS5.9AI score0.00063EPSS

EUVD•added 2026/03/19 9:30 a.m.•2 views

EUVD-2026-13087

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through 1.3.1...

NVD•added 2026/03/19 9:16 a.m.•3 views

CVE-2026-27067

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor mobile-app-editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through = 1.3.1...

9.1CVSS0.00059EPSS

Cvelist•added 2026/03/19 8:41 a.m.•22 views

CVE-2026-27067 WordPress Mobile App Editor plugin <= 1.3.1 - Arbitrary File Upload vulnerability

9.1CVSS0.00059EPSS

ATTACKERKB•added 2026/03/19 8:41 a.m.•1 views

CVE-2026-27067

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through 1.3.1...

Vulnrichment•added 2026/03/19 8:41 a.m.•1 views

CVE-2026-27067 WordPress Mobile App Editor plugin <= 1.3.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through 1.3.1...

CVE•added 2026/03/19 8:41 a.m.•7 views

CVE-2026-27067

CVE-2026-27067 concerns the WordPress plugin Mobile App Editor (WordPress to Android App Builder) versions up to and including 1.3.1. The issue is an Unrestricted Upload of File with Dangerous Type , enabling an attacker to upload a Web Shell to the web server. The vulnerability is documented in ...

9.1CVSS5.9AI score0.00059EPSS

Positive Technologies•added 2026/03/19 12:0 a.m.•1 views

PT-2026-26278

🔴 CVE-2026-27067 - Critical Unrestricted Upload of File with Dangerous Type vulnerability in Syarif Mobile App Editor allows Upload a Web Shell to a Web Server.This issue affects Mobile App Editor: from n/a through ... https://t.co/2PmcdZjLPe https://t.co/HOIpzGKqJA...

CNNVD•added 2026/03/19 12:0 a.m.•2 views

Exploits0References6

WordPress plugin Mobile App Editor 代码问题漏洞

9.1CVSS5.9AI score0.00059EPSS

GithubExploit•added 2026/03/15 4:17 p.m.•134 views

omrs-rce

OMRS — Online Marriage Registration System 1.0 — RCE & Auto Re...

5.9AI score

Exploits0

RedhatCVE•added 2026/03/06 7:55 a.m.•5 views

CVE-2025-68555

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Nutrie nutrie allows Upload a Web Shell to a Web Server.This issue affects Nutrie: from n/a through 2.0.1...

9.9CVSS5.8AI score0.00063EPSS

RedhatCVE•added 2026/03/06 7:55 a.m.•5 views

CVE-2025-68553

Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Lendiz lendiz allows Upload a Web Shell to a Web Server.This issue affects Lendiz: from n/a through 2.0.1...

9.9CVSS5.8AI score0.00063EPSS

RedhatCVE•added 2026/03/06 7:54 a.m.•4 views

CVE-2026-28133

Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through = 1.2.14...

8.5CVSS5.9AI score0.00063EPSS

RedhatCVE•added 2026/03/06 7:53 a.m.•4 views

CVE-2026-28114

Unrestricted Upload of File with Dangerous Type vulnerability in firassaidi WooCommerce License Manager fs-license-manager allows Upload a Web Shell to a Web Server.This issue affects WooCommerce License Manager: from n/a through = 7.0.6...