CVE-2025-5395 – WordPress Automatic Plugin Unvalidated File Upload Vulnerability

June 11, 2025

CVE ID : CVE-2025-5395

Published : June 11, 2025, 7:15 a.m. | 2 hours, 37 minutes ago

Description : The WordPress Automatic Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the ‘core.php’ file in all versions up to, and including, 3.115.0. This makes it possible for authenticated attackers, with Author-level access and above, to upload arbitrary files on the affected site’s server which may make remote code execution possible.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-29756 – SunGrow iSolarCloud MQTT Credentials Disclosure and Decryption Key Extraction Vulnerability

Next Article CVE-2024-35295 – Perfect Harmony GH180 Physical Access Configuration Change Vulnerability

Highlights

CVE-2025-26864 – Apache IoTDB OpenIdAuthorizer Sensitive Information Exposure and Tampering

May 14, 2025

CVE ID : CVE-2025-26864

Published : May 14, 2025, 11:16 a.m. | 51 minutes ago

Description : Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB.

This issue affects Apache IoTDB: from 0.10.0 through 1.3.3, from 2.0.1-beta before 2.0.2.

Users are recommended to upgrade to version 1.3.4 and 2.0.2, which fix the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

6 registry tweaks every tech-savvy user must apply on Windows 11

Here’s why network infrastructure is vital to maximizing your company’s AI adoption

The AI video tool behind the most viral social trends right now

Got a new password manager? How to clean up the password mess you left in the cloud

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

6 registry tweaks every tech-savvy user must apply on Windows 11

6 registry tweaks every tech-savvy user must apply on Windows 11

Is Chrome Copying Edge? ‘Omnibox Tools’ Bring Edge-Style Address Bar Shortcuts

Windows 11 24H2’s new Start Menu auto-changes size based on screen resolution

CVE-2025-5395 – WordPress Automatic Plugin Unvalidated File Upload Vulnerability

Tenable Agent for Windows Vulnerability Let Attackers Login as Admin to Delete The System Files

Meta Invests $14.3 Billion in Scale AI, Recruits Founder Alexandr Wang for Superintelligence Lab

I used to dread big design projects — until I figured this out

Navigating Dates Elegantly with Carbon in Laravel

FOG Ransomware Campaign Targets Multiple Sectors with Phishing and Payload Obfuscation

System Cleaner BleachBit Sees First ‘Major Update’ Since 2023

CVE-2025-26864 – Apache IoTDB OpenIdAuthorizer Sensitive Information Exposure and Tampering

Xbox Games Showcase 2025 revealed for June 8, 2025: Outer Worlds 2 deep dive confirmed, as Xbox gears up for the future

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1

I tested LG’s new ultrathin 2-in-1, and it handles creative workloads like a dream

CVE-2025-5395 – WordPress Automatic Plugin Unvalidated File Upload Vulnerability

Related Posts