CVE-2025-10412 | Product Options and Price Calculation Formulas for WooCommerce Plugin uni_cpo_upload_file unrestricted upload

Inserito da Angelo Barbosa | Set 23, 2025 | CVE

A vulnerability classified as critical was found in Product Options and Price Calculation Formulas for WooCommerce Plugin up to 4.9.54 on WordPress. Affected by this issue is the function uni_cpo_upload_file. Executing manipulation can lead to unrestricted upload.

This vulnerability is tracked as CVE-2025-10412. The attack can be launched remotely. No exploit exists.

CVE-2025-10412 | Product Options and Price Calculation Formulas for WooCommerce Plugin uni_cpo_upload_file unrestricted upload

Post correlati

CVE-2023-51072 | Nagios XI up to 2024R1 Operation Center Section cross site scripting

CVE-2024-36423 | FlowiseAI Flowise up to 1.4.3 404 Page id cross site scripting (GHSL-2023-232)

CVE-2023-34348 | AVEVA PI Server 2023/up to 2018 SP3 P05 unknown vulnerability (icsa-24-018-01)

CVE-2024-35302 | JetBrains TeamCity up to 2023.10 Restore from Backup cross site scripting