CVE-2015-10135 – WordPress WPshop File Upload Vulnerability

July 19, 2025

CVE ID : CVE-2015-10135

Published : July 19, 2025, 10:15 a.m. | 13 hours, 29 minutes ago

Description : The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajaxUpload function in versions before 1.3.9.6. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2016-15043 – WordPress WP Mobile Detector Arbitrary File Upload Vulnerability

Next Article CVE-2012-10019 – WordPress Front End Editor Arbitrary File Upload Vulnerability

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Hitachi Energy Pledges $1B to Strengthen US Grid, Build Largest Transformer Plant in Virginia

How to debug a web app with Playwright MCP and GitHub Copilot

Between Strategy and Story: Thierry Chopain’s Creative Path

What You Need to Know About CSS Color Interpolation

Why browsers throttle JavaScript timers (and what to do about it)

Why browsers throttle JavaScript timers (and what to do about it)

How to create Google Gemini AI component in Total.js Flow

Drupal 11’s AI Features: What They Actually Mean for Your Team

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

CVE-2015-10135 – WordPress WPshop File Upload Vulnerability

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

Windows Hello Update: Microsoft Disables Facial Recognition in the Dark Due to Security Flaw

Grab OnePlus’ latest flagship smartwatch for up to $80 off – buy one while the deal lasts

CVE-2024-57235 – NETGEAR RAX5 Command Injection Vulnerability

CVE-2025-53910 – Mattermost Confluence Plugin Authentication Bypass

Setting Up Terraform: Installation and Configuration

CVE-2025-2775 – SysAid On-Prem XXE Remote Code Execution

Atlantic allies turn to xAI and OpenAI — Why chatbots are now a matter of national strategy

Everything to Know About GPT-5 Before Its Big Launch — It’ll Be Smarter Than All Current OpenAI Models Combined

CVE-2015-10135 – WordPress WPshop File Upload Vulnerability

Related Posts