CVE-2025-3054 | WP User Frontend Pro Plugin up to 4.1.3 on WordPress upload_files unrestricted upload

Inserito da Angelo Barbosa | Giu 4, 2025 | CVE

A vulnerability, which was classified as critical, has been found in WP User Frontend Pro Plugin up to 4.1.3 on WordPress. This issue affects the function upload_files. The manipulation leads to unrestricted upload.

The identification of this vulnerability is CVE-2025-3054. The attack may be initiated remotely. There is no exploit available.

CVE-2025-3054 | WP User Frontend Pro Plugin up to 4.1.3 on WordPress upload_files unrestricted upload

Post correlati

CVE-2024-4963 | D-Link DAR-7000-40 V31R02B1413C /url/url.php file_upload unrestricted upload (SAP10354)

CVE-2024-44970 | Linux Kernel up to 6.1.104/6.6.45/6.10.4 mlx5_wq_ll_pop Privilege Escalation

CVE-2024-56533 | Linux Kernel up to 6.12.1 ALSA snd_card_free_when_closed Privilege Escalation

CVE-2024-10023 | code-projects Pharmacy Management System 1.0 add_new_medicine.php name/packing/generic_name/suppliers_name sql injection