CWE-434

Exploit likelihood: Medium

Unrestricted Upload of File with Dangerous Type

Parent: CWE-669 - Incorrect Resource Transfer Between Spheres

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

4,012 vulnerabilities with CWE-434
CVE-2025-7441 CRITICAL
StoryChief WordPress <1.0.42 - RCE
CVSS 9.8
CVE-2025-6079 HIGH
School Management System for WordPress <93.2.0 - File Upload
CVSS 8.8
CVE-2025-54473 CRITICAL
Phoca Commander <5.0.1 - Authenticated RCE
CVE-2025-6679 CRITICAL
Bit Form builder plugin for WordPress <2.20.4 - File Upload
CVSS 9.8
CVE-2025-8965 MEDIUM
Linlinjava Litemall < 1.8.0 - Improper Access Control
CVSS 6.3
CVE-2025-54693 CRITICAL
epiphyt Form Block <1.5.5 - RCE
CVSS 9.0
CVE-2025-24775 CRITICAL
Made I.T. Forms <2.9.0 - Code Injection
CVSS 9.9
CVE-2025-8297 HIGH
Ivanti Avalanche < 6.4.8.8008 - Unrestricted File Upload
CVSS 7.2
CVE-2025-33023 MEDIUM
RUGGEDCOM - Info Disclosure
CVSS 4.1
CVE-2025-8859 MEDIUM
Fabian Eblog Site - Improper Access Control
CVSS 6.3
CVE-2025-8841 MEDIUM
Zlt2000 Microservices-platform < 6.0.0 - Improper Access Control
CVSS 6.3
CVE-2025-8798 HIGH
Oitcode Samarium < 0.9.6 - Improper Access Control
CVSS 7.3
CVE-2025-8775 MEDIUM
Qiyuesuo Electronic Signature < 4.34 - Improper Access Control
CVSS 6.3
CVE-2025-8764 MEDIUM
Linlinjava Litemall < 1.8.0 - Improper Access Control
CVSS 6.3
CVE-2025-55135 MEDIUM
Agora Foundation Agora fall23-Alpha1 - XSS
CVSS 6.4
CVE-2025-51056 HIGH
Vedo Suite <2024.17 - RCE
CVSS 8.2
CVE-2025-50286 HIGH
Grav CMS <1.7.48 - RCE
CVSS 8.1
CVE-2025-22470 CRITICAL
CL4/6NX Plus <1.15.5-r1 - RCE
CVSS 9.8
CVE-2025-52078 MEDIUM
Writebot AI Content Generator <4.0.0 - Privilege Escalation
CVSS 6.5
CVE-2025-6207 HIGH
WP Import Export Lite <3.9.28 - RCE
CVSS 7.5
CVE-2025-5061 HIGH
WP Import Export Lite <3.9.29 - RCE
CVSS 7.5
CVE-2025-8526 MEDIUM
Exrick Xboot < 3.3.4 - Improper Access Control
CVSS 6.3
CVE-2025-52239 CRITICAL
Zkeacms - Unrestricted File Upload
CVSS 9.8
CVE-2025-54962 MEDIUM
OpenPLC Runtime <9cd8f1b - File Upload
CVSS 6.4
CVE-2025-8504 MEDIUM
Anisha Kitchen Treasure - Improper Access Control
CVSS 6.3