VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

BaseDraftLikelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 12 of 84
  • CVE-2018-25436CriJun 15, 2026
    risk 0.64cvss 9.8epss 0.01

    WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-package.php endpoint. Attackers can submit POST requests with malicious file…

  • CVE-2026-53787CriJun 12, 2026
    risk 0.64cvss 9.8epss 0.04

    Amasty Order Attributes for Magento 2 before version 4.0.0 contains an unauthenticated arbitrary file upload vulnerability that allows unauthenticated attackers to write arbitrary files to the store's media directory by submitting files of any type or name to the upload endpoint…

  • CVE-2026-11839CriJun 11, 2026
    risk 0.64cvss 9.9epss 0.00

    Unrestricted upload of file with dangerous type vulnerability in Başarsoft Information Technologies Inc. Rotaban allows Upload a Web Shell to a Web Server. This issue affects Rotaban: from V2026.06.002 before V2026.06.003.

  • CVE-2026-7852CriJun 11, 2026
    risk 0.64cvss 9.8epss 0.00

    Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9.

  • CVE-2024-58349CriJun 8, 2026
    risk 0.64cvss 9.8epss 0.01

    WordPress Theme Travelscape 1.0.3 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting insufficient validation in the theme's upload functionality. Attackers can upload arbitrary files to the theme…

  • CVE-2024-58348CriJun 8, 2026
    risk 0.64cvss 9.8epss 0.01

    WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to…

  • CVE-2026-10071CriMay 29, 2026
    risk 0.64cvss 9.8epss 0.01

    DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

  • CVE-2026-42748CriMay 27, 2026
    risk 0.64cvss 9.9epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.1.

  • CVE-2026-6960CriMay 21, 2026
    risk 0.64cvss 9.8epss 0.01

    The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versions up to, and including, 5.6. This makes it possible for unauthenticated…

  • CVE-2026-6555CriMay 20, 2026
    risk 0.64cvss 9.8epss 0.01

    The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in the upload array undergoes extension and MIME type validation, while all files…

  • CVE-2026-4883CriMay 19, 2026
    risk 0.64cvss 9.8epss 0.01

    The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetforms_ajax_form_builder' function in all versions up to, and including, 2.1.40. The plugin uses an incomplete extension blacklist that only blocks…

  • CVE-2026-4885CriMay 19, 2026
    risk 0.64cvss 9.8epss 0.01

    The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafe_ajax_form_builder' function in all versions up to, and including, 7.1.70. The plugin uses an incomplete extension blacklist that only…

  • CVE-2021-47965CriMay 15, 2026
    risk 0.64cvss 9.8epss 0.01

    WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to…

  • CVE-2026-4882CriMay 2, 2026
    risk 0.64cvss 9.8epss 0.01

    The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload' function in all versions up to, and including, 1.6.20. This makes it possible for unauthenticated attackers to…

  • CVE-2022-50993CriApr 30, 2026
    risk 0.64cvss 9.8epss 0.01

    Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to upload malicious files by sending multipart POST requests with arbitrary filenames and…

  • CVE-2026-6885CriApr 23, 2026
    risk 0.64cvss 9.8epss 0.01

    Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

  • CVE-2026-1555CriApr 15, 2026
    risk 0.64cvss 9.8epss 0.01

    The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the io_img_upload() function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the…

  • CVE-2026-38526CriApr 14, 2026
    risk 0.64cvss 9.9epss 0.01

    An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading a crafted PHP file.

  • CVE-2026-3535CriApr 8, 2026
    risk 0.64cvss 9.8epss 0.01

    The DSGVO Google Web Fonts GDPR plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the `DSGVOGWPdownloadGoogleFonts()` function in all versions up to, and including, 1.1. The function is exposed via a `wp_ajax_nopriv_` hook,…

  • CVE-2016-20052CriApr 4, 2026
    risk 0.64cvss 9.8epss 0.01

    Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and…