| 2025-02-06 | CVE-2024-57668 | Unrestricted Upload of File with Dangerous Type vulnerability in Fabianros Shopping Portal 1.0
In Code-projects Shopping Portal v1.0, the insert-product.php page has an arbitrary file upload vulnerability. | 8.8 |
| 2025-02-05 | CVE-2025-1028 | The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the contact form upload feature in all versions up to, and including, 8.6.4. | 8.1 |
| 2025-02-03 | CVE-2024-57968 | Unrestricted Upload of File with Dangerous Type vulnerability in Advantive Veracore
Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). | 8.8 |
| 2025-01-28 | CVE-2024-13448 | Unrestricted Upload of File with Dangerous Type vulnerability in Themerex Addons
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'trx_addons_uploads_save_data' function in all versions up to, and including, 2.32.3. | 9.8 |
| 2025-01-27 | CVE-2025-0722 | Unrestricted Upload of File with Dangerous Type vulnerability in Needyamin Image Gallery Management System 1.0
A vulnerability classified as critical was found in needyamin image_gallery 1.0. | 7.2 |
| 2025-01-25 | CVE-2025-0357 | The WPBookit plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'WPB_Profile_controller::handle_image_upload' function in versions up to, and including, 1.6.9. network low complexity CWE-434 critical | 9.8 |
| 2025-01-24 | CVE-2025-0702 | A vulnerability classified as critical was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. | 6.3 |
| 2025-01-24 | CVE-2024-25034 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0/2.1
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the type of file in the File Manager T1 process. | 8.8 |
| 2025-01-24 | CVE-2024-40693 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Planning Analytics 2.0/2.1
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. | 8.0 |
| 2025-01-22 | CVE-2024-13091 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpbot Wpot
The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'qcld_wpcfb_file_upload' function in all versions up to, and including, 13.5.4. | 9.8 |