2172 matches found
CVE-2025-47452 WordPress WP VR <= 8.5.26 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a Web Shell to a Web Server. This issue affects WP VR: from n/a through 8.5.26...
CVE-2025-47452
CVE-2025-47452 concerns RexTheme WP VR (WP VR) with an Unrestricted Upload of File with Dangerous Type vulnerability, allowing a Web Shell upload on servers running WP VR up to version 8.5.26. The vulnerability arises from an unsafe file upload handling in WP VR, affecting versions through 8.5.26...
CVE-2025-47559 WordPress MapSVG plugin < 8.7.4 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through 8.7.4...
CVE-2025-47559
CVE-2025-47559 affects WordPress MapSVG up to and including version 8.5.32, described as Unrestricted Upload of File with Dangerous Type that can allow uploading a Web Shell to the web server. The CVSS v3.1 base score is 9.9 (CRITICAL) with network access, low attack complexity, and all of confid...
CVE-2025-47559 WordPress MapSVG plugin <= 8.5.32 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG allows Upload a Web Shell to a Web Server. This issue affects MapSVG: from n/a through 8.5.32...
CVE-2025-49444 WordPress Reformer for Elementor <= 1.0.5 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor allows Upload a Web Shell to a Web Server. This issue affects Reformer for Elementor: from n/a through 1.0.5...
CVE-2025-49444
CVE-2025-49444 concerns merkulove Reformer for Elementor with an Unrestricted Upload of File with Dangerous Type vulnerability that allows uploading a Web Shell to the web server. Affected versions are up to 1.0.5 (inclusive). Multiple sources corroborate the issue and link it to an arbitrary fil...
CVE-2025-49444 WordPress Reformer for Elementor plugin <= 1.0.5 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor reformer-elementor allows Upload a Web Shell to a Web Server.This issue affects Reformer for Elementor: from n/a through = 1.0.5...
PT-2025-25680 · Mapsvg · Mapsvg
Name of the Vulnerable Software and Affected Versions: MapSVG versions prior to 8.5.32 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential control o...
WordPress plugin MapSVG 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
WordPress plugin Reformer for Elementor 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress plugin Flozen 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A code issue vulnerability exists i...
PT-2025-25688 · Unknown · Nasatheme Flozen
Name of the Vulnerable Software and Affected Versions: NasaTheme Flozen affected versions not specified Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and...
PT-2025-25710 · Unknown · Merkulove Reformer For Elementor
Name of the Vulnerable Software and Affected Versions: merkulove Reformer for Elementor versions 1.0.0 through 1.0.5 Description: The issue allows an attacker to upload a web shell to a web server, potentially leading to unauthorized access and control. This is due to an Unrestricted Upload of Fi...
PT-2025-25679 · WordPress · Rextheme Wp Vr
Name of the Vulnerable Software and Affected Versions: RexTheme WP VR versions through 8.5.26 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential...
WordPress plugin WP VR 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
CVE-2025-49329
Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Upload a Web Shell to a Web Server.This issue affects Store Locator WordPress: from n/a through = 1.5.2...
CVE-2025-49329
Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Upload a Web Shell to a Web Server.This issue affects Store Locator WordPress: from n/a through = 1.5.2...
CVE-2025-49329 WordPress Store Locator WordPress plugin <= 1.5.2 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Upload a Web Shell to a Web Server.This issue affects Store Locator WordPress: from n/a through = 1.5.2...
CVE-2025-49329 WordPress Store Locator WordPress <= 1.5.2 - Arbitrary File Upload Vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress allows Upload a Web Shell to a Web Server. This issue affects Store Locator WordPress: from n/a through 1.5.2...