CVE-2025-12640 | Folders Plugin up to 3.1.5 on WordPress handle_folders_file_upload authorization

Inserito da Angelo Barbosa | Gen 7, 2026 | CVE

A vulnerability was found in Folders Plugin up to 3.1.5 on WordPress. It has been classified as problematic. This affects the function handle_folders_file_upload. Performing a manipulation results in missing authorization.

This vulnerability is reported as CVE-2025-12640. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-12640 | Folders Plugin up to 3.1.5 on WordPress handle_folders_file_upload authorization

Post correlati

CVE-2024-29024 | JumpServer up to 3.10.5 authorization (GHSA-8wqm-rfc7-q27q)

CVE-2024-1842 | WPBakery Visual Composer Plugin up to 7.5 on WordPress Custom Heading Tag Attribute cross site scripting

CVE-2016-15038 | NUUO NVRmini 2 up to 3.0.8 /deletefile.php filename path traversal (Exploit 40214)

CVE-2025-41678 | MB Connect Line mbNET.mini up to 2.3.2 Configuration Database sql injection (VDE-2025-058)