CVE-2025-39402 – Mojoomla WPAMS Unrestricted File Upload Remote Code Execution

May 19, 2025

CVE ID : CVE-2025-39402

Published : May 19, 2025, 8:15 p.m. | 3 hours, 59 minutes ago

Description : Unrestricted Upload of File with Dangerous Type vulnerability in mojoomla WPAMS allows Upload a Web Shell to a Web Server.This issue affects WPAMS: from n/a through 44.0 (17-08-2023).

Severity: 9.9 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46441 – CTLTWP Section Widget Path Traversal Vulnerability

Next Article CVE-2025-39401 – Mojoomla WPAMS Unrestricted File Upload Vulnerability

Highlights

CVE-2025-2850 – “GL.iNet Router Unauthorized Download Interface Processing Vulnerability”

April 26, 2025

CVE ID : CVE-2025-2850

Published : April 26, 2025, 8:15 a.m. | 3 hours, 49 minutes ago

Description : A vulnerability was found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint, GL-AXT1800 Slate AX, GL-B1300 Convexa-B, GL-B3000 Marble, GL-BE3600 Slate 7, GL-E750, GL-E750V2 Mudi, GL-MT300N-V2 Mango, GL-MT1300 Beryl, GL-MT2500 Brume 2, GL-MT3000 Beryl AX, GL-MT6000 Flint 2, GL-SFT1200 Opal, GL-X300B Collie, GL-X750 Spitz, GL-X3000 Spitz AX, GL-XE300 Puli and GL-XE3000 Puli AX 4.x. It has been rated as problematic. This issue affects some unknown processing of the component Download Interface. The manipulation leads to improper authorization. It is recommended to upgrade the affected component.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

NVIDIA’s latest driver fixes some big issues with DOOM: The Dark Ages

Community News: Latest PECL Releases (05.20.2025)

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Universal Design and Global Accessibility Awareness Day (GAAD)

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

GPT-5 should have a higher “degree of scientific certainty” than the current ChatGPT — but with less model switching

Elon Musk’s Grok 3 AI coming to Azure proves Satya Nadella’s allegiance isn’t to OpenAI, but to maximizing Microsoft’s profit gains by heeding consumer demands

One of the most promising open-world RPGs in years is releasing next week on Xbox and PC

CVE-2025-39402 – Mojoomla WPAMS Unrestricted File Upload Remote Code Execution

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4996 – Intelbras RF 301K Cross-Site Scripting Vulnerability

Python Concurrency: Multithreading and Multiprocessing

With 700,000 Large Language Models (LLMs) On Hugging Face Already, Where Is The Future of Artificial Intelligence AI Headed?

Understanding the :root Selector and CSS Variables

Build multi-tenant architectures on Amazon Neptune

CVE-2025-2850 – “GL.iNet Router Unauthorized Download Interface Processing Vulnerability”

CVE-2025-4556 – Okcat Parking Management Platform ZONG YU Remote Code Execution (RCE)

Googleâ€™s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine

Always deploy at peak traffic

CVE-2025-39402 – Mojoomla WPAMS Unrestricted File Upload Remote Code Execution

Related Posts