PT-2025-15941 · Unknown · Labcat Processing Projects

Name of the Vulnerable Software and Affected Versions: LABCAT Processing Projects versions 1.0.0 through 1.0.2 Description: The issue allows an attacker to upload a web shell to a web server, potentially leading to unauthorized access and control. This is due to an unrestricted upload of files wi...

WordPress plugin Insert or Embed Articulate Content into WordPress 代码问题漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A code issue vulnerability exists in the WordPress plugin Insert or...

WordPress plugin WP Remote Thumbnail 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

PT-2025-15939 · WordPress · Insert/Embed Articulate Content

Name of the Vulnerable Software and Affected Versions: Insert or Embed Articulate Content into WordPress versions 4.3000000025 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can ...

WordPress plugin Processing Projects 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

CVE-2025-32576

Cross-Site Request Forgery CSRF vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows Upload a Web Shell to a Web Server.This issue affects WP shop: from n/a through = 2.6.1...

CVE-2025-32496

Cross-Site Request Forgery CSRF vulnerability in Uncodethemes Ultra Demo Importer ut-demo-importer allows Upload a Web Shell to a Web Server.This issue affects Ultra Demo Importer: from n/a through = 1.0.5...

CVE-2025-32496

CVE-2025-32496 is an Unpatched CSRF to Remote Code Execution in the WordPress plugin Ultra Demo Importer (versions up to 1.0.5). The vulnerability allows an attacker to perform CSRF to execute a web shell on the server, as documented in the vulnerability listing. The CVSSv3.1 base score is 9.6 (C...

CVE-2025-32496 WordPress Ultra Demo Importer plugin <= 1.0.5 - CSRF to RCE vulnerability

Cross-Site Request Forgery CSRF vulnerability in Uncodethemes Ultra Demo Importer ut-demo-importer allows Upload a Web Shell to a Web Server.This issue affects Ultra Demo Importer: from n/a through = 1.0.5...

CVE-2025-32576 WordPress WP shop plugin <= 2.6.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Agence web Eoxia - Montpellier WP shop allows Upload a Web Shell to a Web Server. This issue affects WP shop: from n/a through 2.6.0...

CVE-2025-32576 WordPress WP shop plugin <= 2.6.1 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows Upload a Web Shell to a Web Server.This issue affects WP shop: from n/a through = 2.6.1...

WordPress plugin WP shop 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

PT-2025-15794 · Unknown · Agence Web Eoxia - Montpellier Wp Shop

Name of the Vulnerable Software and Affected Versions: Agence web Eoxia - Montpellier WP shop versions n/a through 2.6.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows an attacker to upload a web shell to a web server. This can be achieved through exploiting...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

JSP Web Shell Uploader A simple Python tool for uploading a basi...

CVE-2025-31577

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

CVE-2025-31577

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

CVE-2025-31577

CVE-2025-31577 (Appointify) Unrestricted Upload of File with Dangerous Type in Appointify, allowing an authenticated admin to upload a Web Shell to the web server. Affected software: Appointify (WordPress plugin) up to version 1.0.8. The cited CVSS data (3.1) indicates a base score of 6.6 (Medium...

CVE-2025-31577 WordPress Appointify plugin <= 1.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

CVE-2025-31577 WordPress Appointify plugin <= 1.0.8 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through = 1.0.8...

WordPress plugin Appointify 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...