CVE-2025-12973 | S2B AI Assistant Plugin up to 1.7.8 on WordPress storeFile unrestricted upload

Inserito da Angelo Barbosa | Nov 20, 2025 | CVE

A vulnerability categorized as critical has been discovered in S2B AI Assistant Plugin up to 1.7.8 on WordPress. This affects the function storeFile. Executing manipulation can lead to unrestricted upload.

This vulnerability is tracked as CVE-2025-12973. The attack can be launched remotely. No exploit exists.

CVE-2025-12973 | S2B AI Assistant Plugin up to 1.7.8 on WordPress storeFile unrestricted upload

Post correlati

CVE-2024-50063 | Linux Kernel up to 6.6.56/6.11.3 bpf return value (5d5e3b4cbe8e/88c2a10e6c17/28ead3eaabc1)

CVE-2025-8839 | jshERP up to 3.5 Endpoint addUser improper authorization (Issue 125)

CVE-2024-0194 | CodeAstro Internet Banking System up to 1.0 Profile Picture pages_account.php unrestricted upload

CVE-2024-46648 | eNMS 4.4.0/4.7.1 scan_folder path traversal