CVE-2025-4279 | External Image Replace Plugin up to 1.0.8 on WordPress replace_post unrestricted upload

Inserito da Angelo Barbosa | Mag 5, 2025 | CVE

A vulnerability classified as critical was found in External Image Replace Plugin up to 1.0.8 on WordPress. Affected by this vulnerability is the function external_image_replace_get_posts::replace_post. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2025-4279. The attack can be launched remotely. There is no exploit available.

CVE-2025-4279 | External Image Replace Plugin up to 1.0.8 on WordPress replace_post unrestricted upload

Post correlati

CVE-2024-37406 | Brave Browser up to 1.67.115 on Android Shields Popup ui layer

CVE-2024-8002 | VIWIS LMS 9.11 File Upload filename cross site scripting

CVE-2024-23317 | Gallagher Controller 6000/Controller 7000 file inclusion

CVE-2024-25753 | Tenda AC9 15.03.06.42_multi formSetDeviceName stack-based overflow