VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Unrestricted Upload of File with Dangerous Type
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-25
CVE-2025-0357
The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'WPB_Profile_controller::handle_image_upload' function in versions up to, and including, 1.6.9.
network
low complexity
CWE-434
critical
9.8
9.8
2025-01-24
CVE-2025-0702
A vulnerability classified as critical was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d.
network
low complexity
CWE-434
6.3
6.3
2025-01-24
CVE-2024-25034
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process.
network
low complexity
CWE-434
8.0
8.0
2025-01-24
CVE-2024-40693
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface.
network
low complexity
CWE-434
8.0
8.0
2025-01-22
CVE-2024-13091
Unrestricted Upload of File with Dangerous Type vulnerability in Wpbot Wpot
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcld_wpcfb_file_upload' function in all versions up to, and including, 13.5.4.
network
low complexity
wpbot
CWE-434
critical
9.8
9.8
2025-01-20
CVE-2025-0582
Unrestricted Upload of File with Dangerous Type vulnerability in Angeljudesuarez Tailoring Management System 1.0
A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0.
network
low complexity
angeljudesuarez
CWE-434
7.2
7.2
2025-01-17
CVE-2024-13333
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13.
network
high complexity
CWE-434
7.5
7.5
2025-01-16
CVE-2024-13355
The Admin and Customer Messages After Order for WooCommerce: OrderConvo plugin for WordPress is vulnerable to limited file uploads due to insufficient file type validation in the upload_file() function in all versions up to, and including, 13.2.
network
low complexity
CWE-434
5.4
5.4
2025-01-14
CVE-2025-0394
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gh_big_file_upload() function in all versions up to, and including, 3.7.3.5.
network
low complexity
CWE-434
8.8
8.8
2025-01-09
CVE-2025-0346
Unrestricted Upload of File with Dangerous Type vulnerability in Code-Projects Content Management System 1.0
A vulnerability was found in code-projects Content Management System 1.0.
network
low complexity
code-projects
CWE-434
7.2
7.2
«
Previous
1
2
3
(current)
4
5
...
196
197
»
Next