VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Abstraction: Base | Status: Draft | Likelihood of exploit: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents: (not listed on this page)

Children: none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669), page 36 of 84
  • CVE-2025-3054 (High, Jun 5, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the upload_files() function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access…

  • CVE-2025-4800 (High, May 28, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrary file uploads due to a missing file type validation in the stm_lms_add_assignment_attachment function in all versions up to, and including, 4.7.0. This makes it possible for authenticated attackers, with…

  • CVE-2025-5058 (Critical, May 24, 2025)
    risk 0.57, CVSS 9.8, EPSS 0.01

    The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_image() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload…

  • CVE-2025-3917 (Critical, May 15, 2025)
    risk 0.57, CVSS 9.8, EPSS 0.01

    The 百度站长SEO合集(支持百度/神马/Bing/头条推送) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download_remote_image_to_media_library function in all versions up to, and including, 2.0.6. This makes it…

  • CVE-2025-4317 (High, May 13, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and…

  • CVE-2025-4561 (High, May 12, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The KFOX from KingFor has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privilege to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

  • CVE-2025-4403 (Critical, May 9, 2025)
    risk 0.57, CVSS 9.8, EPSS 0.02

    The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.1.6 due to accepting a user‐supplied supported_type string and the uploaded filename without enforcing real extension or…

  • CVE-2025-4279 (High, May 5, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The External image replace plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'external_image_replace_get_posts::replace_post' function in all versions up to, and including, 1.0.8. This makes it possible for authenticated…

  • CVE-2025-2525 (High, Apr 8, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The Streamit theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'st_Authentication_Controller::edit_profile' function in all versions up to, and including, 4.0.1. This makes it possible for authenticated attackers, with…

  • CVE-2025-2891 (High, Apr 1, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The Real Estate 7 WordPress theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'template-submit-listing.php' file in all versions up to, and including, 3.5.4. This makes it possible for authenticated attackers, with…

  • CVE-2025-2249 (High, Mar 29, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj_soundslides_options_subpanel() function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with…

  • CVE-2025-2006 (High, Mar 29, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the file uploading functionality in all versions up to, and including, 1.1.19. This makes it possible for authenticated attackers, with…

  • CVE-2024-54525 (High, Mar 17, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    A logic issue was addressed with improved file handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Restoring a maliciously crafted backup file may lead to modification of protected system files.

  • CVE-2024-13714 (High, Feb 12, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    The All-Images.ai – IA Image Bank and Custom Image creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_get_image_by_url' function in all versions up to, and including, 1.0.4. This makes it possible for…

  • CVE-2025-26411 (High, Feb 11, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    An authenticated attacker is able to use the Plugin Manager of the web interface of the Wattsense Bridge devices to upload malicious Python files to the device. This enables an attacker to gain remote root access to the device. An attacker needs a valid user account on the…

  • CVE-2025-24505 (High, Jan 30, 2025)
    risk 0.57, CVSS not listed, EPSS 0.00

    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.

  • CVE-2024-43657 (High, Jan 9, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High. However, the attacker will need a (low…

  • CVE-2024-43656 (High, Jan 9, 2025)
    risk 0.57, CVSS 8.8, EPSS 0.01

    Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability allows OS Command Injection as root. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – It might be difficult for an…

  • CVE-2025-22137 (Critical, Jan 8, 2025)
    risk 0.57, CVSS 9.8, EPSS 0.01

    Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated (if anonymous shares are allowed) user to overwrite arbitrary files on the server, including sensitive system files, via HTTP…

  • CVE-2024-12700 (High, Dec 19, 2024)
    risk 0.57, CVSS 8.8, EPSS 0.01

    There is an unrestricted file upload vulnerability where it is possible for an authenticated user (low privileged) to upload a jsp shell and execute code with the privileges of the user running the web server.