CVE-2025-49444 – Merkulove Reformer for Elementor Unrestricted File Upload Vulnerability

June 17, 2025

CVE ID : CVE-2025-49444

Published : June 17, 2025, 3:15 p.m. | 2 hours, 59 minutes ago

Description : Unrestricted Upload of File with Dangerous Type vulnerability in merkulove Reformer for Elementor allows Upload a Web Shell to a Web Server. This issue affects Reformer for Elementor: from n/a through 1.0.5.

Severity: 10.0 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-49447 – Fastw3b LLC FW Food Menu Unrestricted File Upload Vulnerability

Next Article CVE-2025-49508 – LoftOcean CozyStay PHP Remote File Inclusion Vulnerability

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

The biggest rival for Microsoft’s Xbox Ally is Valve’s Steam Deck, not Switch 2, so stop comparing the wrong gaming handhelds

Microsoft Copilot for Power Platform

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

Mastering TypeScript: Your Ultimate Guide to Types, Inference & Compatibility

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

CVE-2025-49444 – Merkulove Reformer for Elementor Unrestricted File Upload Vulnerability

CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat

Linux-lek geeft aanvaller roottoegang: “organisaties moeten meteen patchen”

PowerToys 0.91 update brings major improvements to Command Palette & more

What’s the Real Cost of Building an AI Solution in 2025? A Comprehensive Guide💰

Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware

CVE-2025-2185 – ALBEDO Telecom Net.Time PTP/NTP Clock Authentication Bypass

One of the best gaming chairs we’ve given a 5-star rating to is now available to purchase in the UK

CVE-2025-3953 – WordPress WP Statistics Unauthenticated Settings Modification Vulnerability

facad is a modern colorful directory listing tool

CVE-2025-25228 – VirtueMart SQL Injection Vulnerability

CVE-2025-49444 – Merkulove Reformer for Elementor Unrestricted File Upload Vulnerability

Related Posts