CWE-434
Medium likelihoodUnrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
4,012 vulnerabilities with CWE-434
CVE-2025-47452
CRITICAL
RexTheme WP VR <8.5.26 - RCE
CVSS 9.9
CVE-2025-32510
CRITICAL
Ovatheme Events Manager <1.8.4 - Code Injection
CVSS 10.0
CVE-2025-3515
HIGH
Codedropz Drag And Drop Multiple File... - Unrestricted File Upload
CVSS 8.1
CVE-2025-6161
HIGH
Fabian Simple Food Ordering System - Improper Access Control
CVSS 7.3
CVE-2025-3234
HIGH
Filester <1.8.8 - RCE
CVSS 7.2
CVE-2025-5012
HIGH
Workreap plugin <3.3.2 - RCE
CVSS 8.8
CVE-2025-6002
HIGH
VirtueMart - Unrestricted File Upload
CVSS 7.2
CVE-2025-5395
HIGH
WordPress Automatic Plugin <3.115.0 - File Upload
CVSS 8.8
CVE-2025-46612
HIGH
Airleader Master/Easy <6.36 - RCE
CVSS 7.2
CVE-2025-4954
HIGH
Axlethemes Axle Demo Importer < 1.0.3 - Unrestricted File Upload
CVSS 8.8
CVE-2025-4387
HIGH
Abandoned Cart Pro for WooCommerce <9.16.0 - Authenticated File Upload
CVSS 8.8
CVE-2025-32291
CRITICAL
SUMO Affiliates Pro <10.7.0 - Unrestricted Upload of File with Dang...
CVSS 10.0
CVE-2025-5873
MEDIUM
eCharge Hardy Barth Salia PLCC <2.3.81 - Unrestricted Upload
CVSS 6.3
CVE-2025-3835
CRITICAL
Zohocorp Manageengine Exchange Report... - Unrestricted File Upload
CVSS 9.6
CVE-2025-5840
HIGH
SourceCodester Client DBMS 1.0 - Unrestricted Upload
CVSS 7.3
CVE-2025-49329
MEDIUM
Agile Logix Store Locator <1.5.2 - Code Injection
CVSS 6.6
CVE-2025-48782
CRITICAL
Soar Cloud HRD <7.3.2025.0408 - RCE
CVSS 9.8
CVE-2025-5728
MEDIUM
Nikhil-bhalerao Open Source Clinic Ma... - Improper Access Control
CVSS 6.3
CVE-2025-3054
HIGH
WP User Frontend Pro <4.1.3 - Code Injection
CVSS 8.8
CVE-2025-20130
MEDIUM
Cisco ISE - RCE
CVSS 4.9
CVE-2025-29093
HIGH
Motivian Content Management System - Unrestricted File Upload
CVSS 8.2
CVE-2025-48953
MEDIUM
Umbraco <15.4.2,16.0.0 - File Upload
CVSS 5.5
CVE-2025-45855
MEDIUM
Erupt < 1.12.19 - Unrestricted File Upload
CVSS 5.4
CVE-2025-1725
MEDIUM
Bit File Manager <6.7 - XSS
CVSS 6.4
CVE-2025-5406
MEDIUM
Chaitak-gorai Blogbook < 2021-11-22 - Improper Access Control
CVSS 6.3
Details
Vulnerabilities
4,012
Exploit Likelihood
Medium