exploitDog

GHSA-2m2x-qh8q-wgqq

Опубликовано: 04 июл. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1.

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1.

Ссылки

EPSS

Процентиль: 19%

0.0006

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2025-28951

CVSS3: 9.1

nvd

7 месяцев назад

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1.

EPSS

Процентиль: 19%

0.0006

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-434