CVE-2025-7441 | StoryChief Plugin up to 1.0.42 on WordPress API Endpoint webhook unrestricted upload

Inserito da Angelo Barbosa | Ago 15, 2025 | CVE

A vulnerability classified as critical was found in StoryChief Plugin up to 1.0.42 on WordPress. Affected by this vulnerability is an unknown functionality of the file /wp-json/storychief/webhook of the component API Endpoint. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2025-7441. The attack can be launched remotely. There is no exploit available.

CVE-2025-7441 | StoryChief Plugin up to 1.0.42 on WordPress API Endpoint webhook unrestricted upload

Post correlati

CVE-2025-23810 | Igor Sazonov Len Slider Plugin up to 2.0.11 on WordPress cross-site request forgery

CVE-2024-2012 | Hitachi Energy FOXMAN-UN/UNEM API Gateway authentication bypass

CVE-2023-52075 | ReVanced API up to 71f81f7f20cd26fd707335bca9838fa3e7df20d2 Error Cache exceptional condition (GHSA-852x-grxp-8p3q)

CVE-2024-5376 | Kashipara College Management System 1.0 view_each_faculty.php id cross site scripting