CVE-2025-8889 | Compress & Upload Plugin up to 1.0.4 on WordPress unrestricted upload

Inserito da Angelo Barbosa | Set 9, 2025 | CVE

A vulnerability classified as critical was found in Compress & Upload Plugin up to 1.0.4 on WordPress. This issue affects some unknown processing. Such manipulation leads to unrestricted upload.

This vulnerability is uniquely identified as CVE-2025-8889. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2025-8889 | Compress & Upload Plugin up to 1.0.4 on WordPress unrestricted upload

Post correlati

CVE-2024-48448 | Huly Platform 0.6.295 Tracker Comments Page unrestricted upload

CVE-2023-40223 | Philips Vue PACS prior 12.2.8.410 Actor privileges management (icsma-24-200-01)

VDB-282059 | Amazon AWS Cloud Development Kit S3 Bucket Name Format random values

CVE-2023-5672 | WP Mail Log Plugin up to 1.1.2 on WordPress path traversal