CVE-2025-23942 WordPress WP Load Gallery Plugin <= 2.1.6 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in ngocuct0912 WP Load Gallery wp-load-gallery allows Upload a Web Shell to a Web Server.This issue affects WP Load Gallery: from n/a through = 2.1.6...

CVE-2025-23921 WordPress Multi Uploader for Gravity Forms plugin <= 1.1.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web Server.This issue affects Multi Uploader for Gravity Forms: from n/a through = 1.1.3...

CVE-2025-23921

The vulnerability CVE-2025-23921 affects the WordPress plugin Multi Uploader for Gravity Forms (notFound) and is described as Unrestricted Upload of File with Dangerous Type, enabling uploading a web shell to the web server. Public details indicate the issue affects versions from an unspecified s...

CVE-2025-23918

CVE-2025-23918 concerns Smallerik File Browser, where Unrestricted Upload of File with Dangerous Type could allow an attacker to upload a Web Shell to the server. The initial description confirms the vulnerability exists in Smallerik File Browser versions up to 1.1 (n/a through 1.1). Connected so...

CVE-2025-23921 WordPress Multi Uploader for Gravity Forms plugin <= 1.1.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in sh1zen Multi Uploader for Gravity Forms gf-multi-uploader allows Upload a Web Shell to a Web Server.This issue affects Multi Uploader for Gravity Forms: from n/a through = 1.1.3...

CVE-2025-23918 WordPress Smallerik File Browser plugin <= 1.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Enrico Sandoli Smallerik File Browser smallerik-file-browser allows Upload a Web Shell to a Web Server.This issue affects Smallerik File Browser: from n/a through = 1.1...

CVE-2025-23918 WordPress Smallerik File Browser plugin <= 1.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Enrico Sandoli Smallerik File Browser smallerik-file-browser allows Upload a Web Shell to a Web Server.This issue affects Smallerik File Browser: from n/a through = 1.1...

PT-2025-5220 · Unknown · Ngoccode Wp Load Gallery

Name of the Vulnerable Software and Affected Versions: NgocCode WP Load Gallery versions 2.1.6 and earlier Description: The issue allows unrestricted upload of files with dangerous types, enabling attackers to upload a web shell to a web server. This can be exploited by uploading malicious files,...

CVE-2025-22723

Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server.This issue affects Barcode Scanner with...

CVE-2025-22723 WordPress Barcode Scanner and Inventory manager plugin <= 1.6.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server.This issue affects Barcode Scanner with...

CVE-2025-22723

CVE-2025-22723 concerns the UkrSolution Barcode Scanner with Inventory & Order Manager (Barcode Scanner plugin). The issue is an unrestricted upload of a file with a dangerous type, enabling an attacker to upload a web shell to the web server. Impact is described as high/high in the CVE metrics (...

CVE-2025-22723 WordPress Barcode Scanner and Inventory manager plugin <= 1.6.7 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Upload a Web Shell to a Web Server.This issue affects Barcode Scanner with...

PT-2025-4650 · Ukrsolution · Ukrsolution Barcode Scanner With Inventory & Order Manager

Name of the Vulnerable Software and Affected Versions: UkrSolution Barcode Scanner with Inventory & Order Manager versions 1.6.7 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can...

CVE-2025-23922

Cross-Site Request Forgery CSRF vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through = 1.0...

CVE-2025-23922 WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through = 1.0...

CVE-2025-23922

CVE-2025-23922 concerns the WordPress iSpring Embedder plugin

CVE-2025-23922 WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF vulnerability in Harsh iSpring Embedder embed-ispring allows Upload a Web Shell to a Web Server.This issue affects iSpring Embedder: from n/a through = 1.0...

CVE-2025-22782

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through = 1.0.8...

CVE-2025-22782 WordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Remote Code Execution (RCE) vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through 1.0.8...

CVE-2025-22782 WordPress WR Price List Manager For Woocommerce plugin <= 1.0.8 - Remote Code Execution (RCE) vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce wr-price-list-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through = 1.0.8...