| 2025-03-01 | CVE-2025-1791 | A vulnerability has been found in Zorlan SkyCaiji 2.9 and classified as critical. | 6.3 |
| 2025-02-28 | CVE-2024-8425 | The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwb_wgm_preview_mail' and 'mwb_wgm_woocommerce_add_cart_item_data' functions in all versions up to, and including, 2.6.0. network low complexity CWE-434 critical | 9.8 |
| 2025-02-26 | CVE-2025-0731 | An unauthenticated remote attacker can upload a .aspx file instead of a PV system picture through the demo account. | 6.5 |
| 2025-02-25 | CVE-2025-1128 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpeverest Everest Forms
The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion due to missing file type and path validation in the 'format' method of the EVF_Form_Fields_Upload class in all versions up to, and including, 3.0.9.4. | 9.8 |
| 2025-02-24 | CVE-2025-1598 | Unrestricted Upload of File with Dangerous Type vulnerability in Mayurik Best Church Management Software 1.0
A vulnerability was found in SourceCodester Best Church Management Software 1.0. | 9.8 |
| 2025-02-23 | CVE-2025-1593 | Unrestricted Upload of File with Dangerous Type vulnerability in Mayurik Best Employee Management System 1.0
A vulnerability classified as critical has been found in SourceCodester Best Employee Management System 1.0. | 9.8 |
| 2025-02-23 | CVE-2025-1590 | Unrestricted Upload of File with Dangerous Type vulnerability in Janobe E-Learning System 1.0
A vulnerability was found in SourceCodester E-Learning System 1.0. | 7.2 |
| 2025-02-17 | CVE-2025-1388 | Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells | 8.8 |
| 2025-02-16 | CVE-2025-1355 | Unrestricted Upload of File with Dangerous Type vulnerability in Needyamin Library Card System 1.0
A vulnerability was found in needyamin Library Card System 1.0. | 9.8 |
| 2025-02-12 | CVE-2024-10960 | Unrestricted Upload of File with Dangerous Type vulnerability in Brizy
The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'storeUploads' function in all versions up to, and including, 2.6.4. | 8.8 |