CVE-2025-1093 – WordPress AIHub Theme Remote Code Execution File Upload Vulnerability

April 22, 2025

CVE ID : CVE-2025-1093

Published : April 19, 2025, 4:15 a.m. | 3 days, 13 hours ago

Description : The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site’s server which may make remote code execution possible.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-1950 – IBM Hardware Management Console – Local Command Execution Vulnerability

Next Article CVE-2025-3278 – “UrbanGo Membership Plugin Privilege Escalation Vulnerability”

Highlights

Exploits and vulnerabilities in Q1 2025

May 30, 2025

Exploits and vulnerabilities in Q1 2025

The first quarter of 2025 saw the continued publication of vulnerabilities discovered and fixed in 2024, as some researchers were previously unable to disclose the details. This partially shifted the …
Read more

Published Date:
May 30, 2025 (1 hour, 50 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-24071

CVE-2025-21333

CVE-2024-35250

CVE-2022-3699

CVE-2023-38831

CVE-2022-0847

CVE-2021-3156

CVE-2019-13272

CVE-2018-0802

CVE-2017-11882

CVE-2017-0199

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

Handling JavaScript Event Listeners With Parameters

ChatGPT now has an agent mode

Scrum Alliance and Kanban University partner to offer new course that teaches both methodologies

Is ChatGPT down? You’re not alone. Here’s what OpenAI is saying

I found a tablet that could replace my iPad and Kindle – and it’s worth every penny

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

Execute Ping Commands and Get Back Structured Data in PHP

Execute Ping Commands and Get Back Structured Data in PHP

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

I Made Kitty Terminal Even More Awesome by Using These 15 Customization Tips and Tweaks

Microsoft confirms active cyberattacks on SharePoint servers

How to Manually Check & Install Windows 11 Updates (Best Guide)

CVE-2025-1093 – WordPress AIHub Theme Remote Code Execution File Upload Vulnerability

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics

CVE-2025-7614 – TOTOLINK T6 Command Injection Vulnerability

A drug developer is buying 23andMe – what does that mean for your DNA data?

CVE-2025-49223 – Billboard.js Prototype Pollution Vulnerability

Don’t miss these fantastic DJI drone deals during Amazon Prime Day

Exploits and vulnerabilities in Q1 2025

CVE-2025-47937 – TYPO3 Table Query Privilege Escalation Vulnerability

Frostpunk 1886 is a reimagining of the original game, and it’s coming in 2027

Test Job Failures Precisely with Laravel’s assertFailedWith Method

CVE-2025-1093 – WordPress AIHub Theme Remote Code Execution File Upload Vulnerability

Related Posts