CVE-2025-0394 | Groundhogg Plugin up to 3.7.3.5 on WordPress gh_big_file_upload unrestricted upload

Posted by Angelo Barbosa | Jan 13, 2025 | CVE

A vulnerability, which was classified as critical, was found in Groundhogg Plugin up to 3.7.3.5 on WordPress. Affected is the function gh_big_file_upload. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2025-0394. It is possible to launch the attack remotely. There is no exploit available.

CVE-2025-0394 | Groundhogg Plugin up to 3.7.3.5 on WordPress gh_big_file_upload unrestricted upload

Related Posts

CVE-2024-56510 | marp-team marp-core up to 3.9.0/4.0.0 cross site scripting (GHSA-x52f-h5g4-8qv5)

CVE-2024-0905 | Fancy Product Designer Plugin up to 6.1.7 on WordPress cross site scripting

CVE-2024-42273 | Linux Kernel up to 6.1.103/6.6.44/6.10.3 f2fs set_cluster_dirty Privilege Escalation

CVE-2024-13000 | Small Small CRM 1.0 /admin/quote-details.php id sql injection