VYPR

CWE-434

Unrestricted Upload of File with Dangerous Type

Base | Draft | Likelihood: Medium

Description

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-1

CVEs mapped to this weakness (1,669)

page 62 of 84
  • CVE-2026-8134 | High | May 21, 2026
    risk 0.40 | cvss 7.2 | epss 0.01

    Concrete CMS 9.5.0 and below fails to sanitize path traversal sequences in the ptComposerFormLayoutSetControlCustomTemplate field when saving page type composer form layouts. An authenticated rogue administrator with composer form editing rights can exploit this to include…

  • CVE-2026-27891 | High | May 18, 2026
    risk 0.40 | cvss 7.2 | epss 0.01

    FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system fails to properly validate the file paths within uploaded ZIP archives. This allows an attacker to perform a…

  • CVE-2026-44566 | High | May 15, 2026
    risk 0.40 | cvss 7.3 | epss 0.00

    Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a prompt, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to…

  • CVE-2026-41937 | High | May 14, 2026
    risk 0.40 | cvss 7.2 | epss 0.00

    Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows super_admin users to execute arbitrary PHP code by uploading a malicious plugin ZIP file. Attackers can craft a ZIP containing a plugin.php with a valid Slug header…

  • CVE-2026-6835 | Medium | Apr 22, 2026
    risk 0.40 | cvss 6.1 | epss 0.00

    The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result in an XSS-like effect.

  • CVE-2026-6596 | High | Apr 20, 2026
    risk 0.40 | cvss 7.3 | epss 0.00

    A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component API Endpoint. The manipulation results in unrestricted upload. It is possible to…

  • CVE-2019-25616 | Medium | Mar 22, 2026
    risk 0.40 | cvss 6.2 | epss 0.00

    AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition.

  • CVE-2026-2269 | High | Mar 3, 2026
    risk 0.40 | cvss 7.2 | epss 0.01

    The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the download_url() function. This makes it possible for authenticated…

  • CVE-2026-1400 | High | Jan 28, 2026
    risk 0.40 | cvss 7.2 | epss 0.01

    The AI Engine – The Chatbot and AI Framework for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the `rest_helpers_update_media_metadata` function in all versions up to, and including, 3.3.2. This makes it possible…

  • CVE-2025-14842 | Medium | Jan 7, 2026
    risk 0.40 | cvss 6.1 | epss 0.00

    The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to limited upload of files with a dangerous type in all versions up to, and including, 1.3.9.2. This is due to the plugin not blocking .phar and .svg files. This makes it possible for…

  • CVE-2025-12399 | High | Nov 8, 2025
    risk 0.40 | cvss 7.2 | epss 0.01

    The Alex Reservations: Smart Restaurant Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-json/srr/v1/app/upload/file REST endpoint in all versions up to, and including, 2.2.3. This makes it possible for…

  • CVE-2025-11967 | High | Nov 8, 2025
    risk 0.40 | cvss 7.2 | epss 0.00

    The Mail Mint plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the process_contact_attribute_import function in all versions up to, and including, 1.18.10. This makes it possible for authenticated attackers, with…

  • CVE-2025-10001 | High | Sep 10, 2025
    risk 0.40 | cvss 7.2 | epss 0.01

    The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import functionality in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with…

  • CVE-2024-9648 | Medium | Aug 28, 2025
    risk 0.40 | cvss 6.1 | epss 0.00

    The WP ULike Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the WP_Ulike_Pro_File_Uploader class in all versions up to, and including, 1.9.3. This makes it possible for unauthenticated attackers to upload limited…

  • CVE-2024-9504 | High | Nov 26, 2024
    risk 0.40 | cvss 7.2 | epss 0.00

    The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 3.2.15 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2022-1206 | High | Aug 20, 2024
    risk 0.40 | cvss 7.2 | epss 0.01

    The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotate_insert_media() function in all versions up to, and including, 5.13.2. This makes it possible…

  • CVE-2024-3022 | High | Apr 4, 2024
    risk 0.40 | cvss 7.2 | epss 0.02

    The BookingPress plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient filename validation in the 'bookingpress_process_upload' function in all versions up to, and including 1.0.87. This allows an authenticated attacker with administrator-level…

  • CVE-2023-6635 | High | Feb 5, 2024
    risk 0.40 | cvss 7.2 | epss 0.02

    The EditorsKit plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'import_styles' function in versions up to, and including, 1.40.3. This makes it possible for authenticated attackers with administrator-level capabilities or…

  • CVE-2024-1069 | High | Jan 31, 2024
    risk 0.40 | cvss 7.2 | epss 0.01

    The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level capabilities…

  • CVE-2023-6636 | High | Jan 11, 2024
    risk 0.40 | cvss 7.2 | epss 0.01

    The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation on the 'gspb_save_files' function in versions up to, and including, 7.6.2. This makes it possible for authenticated attackers…