CVE-2025-13329 | File Uploader for WooCommerce Plugin up to 1.0.3 on WordPress REST API Endpoint add-image-data unrestricted upload

Inserito da Angelo Barbosa | Dic 19, 2025 | CVE

A vulnerability, which was classified as critical, has been found in File Uploader for WooCommerce Plugin up to 1.0.3 on WordPress. This affects the function add-image-data of the component REST API Endpoint. Performing manipulation results in unrestricted upload.

This vulnerability was named CVE-2025-13329. The attack may be initiated remotely. There is no available exploit.

CVE-2025-13329 | File Uploader for WooCommerce Plugin up to 1.0.3 on WordPress REST API Endpoint add-image-data unrestricted upload

Post correlati

CVE-2023-40539 | Philips Vue PACS prior 12.2.8.410 weak password (icsma-24-200-01)

CVE-2023-46958: lmxcms admin.php Privilege Escalation

CVE-2024-43387 | Phoenix Contact FL MGUARD 2102 EMAIL_RELAY_PASSWORD os command injection (VDE-2024-039)

CVE-2024-48865 | QNAP QTS/QuTS hero certificate validation (qsa-24-49)