Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-17 | CVE-2025-2396 | The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. | 8.8 |
| 2025-03-16 | CVE-2025-2350 | A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. low complexity CWE-434 | 6.3 |
| 2025-03-12 | CVE-2025-2219 | Unrestricted Upload of File with Dangerous Type vulnerability in Lovecards A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. | 9.8 |
| 2025-03-12 | CVE-2025-2216 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzskzy Warehouse Refinement Management System 1.3 A vulnerability, which was classified as critical, has been found in zzskzy Warehouse Refinement Management System 1.3. | 9.8 |
| 2025-03-08 | CVE-2024-13359 | Unrestricted Upload of File with Dangerous Type vulnerability in Tychesoftwares Product Input Fields for Woocommerce The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the add_product_input_fields_to_order_item_meta() function in all versions up to, and including, 1.12.0. | 9.8 |
| 2025-03-08 | CVE-2024-13882 | Unrestricted Upload of File with Dangerous Type vulnerability in Coderevolution Aiomatic The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aiomatic_generate_featured_image' function in all versions up to, and including, 2.3.8. | 8.8 |
| 2025-03-08 | CVE-2024-13908 | Unrestricted Upload of File with Dangerous Type vulnerability in Bestwebsoft Smtp The SMTP by BestWebSoft plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_options' function in all versions up to, and including, 1.1.9. | 7.2 |
| 2025-03-06 | CVE-2025-2035 | A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical. | 6.3 |
| 2025-03-04 | CVE-2025-1890 | Unrestricted Upload of File with Dangerous Type vulnerability in Shishuocms Project Shishuocms 1.1 A vulnerability has been found in shishuocms 1.1 and classified as critical. | 9.8 |
| 2025-02-28 | CVE-2024-8425 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpswings Woocommerce Ultimate Gift Card The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwb_wgm_preview_mail' and 'mwb_wgm_woocommerce_add_cart_item_data' functions in all versions up to, and including, 2.6.0. | 9.8 |