CVE-2025-53260 – Redhawk Studio WordPress File Manager Unrestricted File Upload Vulnerability

June 27, 2025

CVE ID : CVE-2025-53260

Published : June 27, 2025, 2:15 p.m. | 4 hours, 29 minutes ago

Description : Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager Plugin For WordPress allows Upload a Web Shell to a Web Server. This issue affects File Manager Plugin For WordPress: from n/a through 7.5.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53277 – Infigo Software IS-theme-companion CSRF Object Injection

Next Article Citrix Bleed 2 flaw now believed to be exploited in attacks

Highlights

CVE-2013-10051 – InstantCMS PHP Code Execution Vulnerability

August 1, 2025

CVE ID : CVE-2013-10051

Published : Aug. 1, 2025, 9:15 p.m. | 2 hours, 19 minutes ago

Description : A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-supplied input passed via the look parameter is concatenated into a PHP expression and executed without proper sanitation. A remote attacker can exploit this flaw by sending a crafted HTTP GET request with a base64-encoded payload in the Cmd header, resulting in arbitrary PHP code execution within the context of the web server.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-53260 – Redhawk Studio WordPress File Manager Unrestricted File Upload Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

PostgreSQL 18 adds asynchronous I/O to improve performance

IBM AI Releases Granite 4.0 Tiny Preview: A Compact Open-Language Model Optimized for Long-Context and Instruction Tasks

CVE-2025-4788 – FreeFloat FTP Server DELETE Command Handler Buffer Overflow Vulnerability

Cost tracking multi-tenant model inference on Amazon Bedrock

CVE-2013-10051 – InstantCMS PHP Code Execution Vulnerability

CVE-2025-7431 – WordPress Knowledge Base Stored Cross-Site Scripting Vulnerability

CVE-2025-8180 – Tenda CH22 Buffer Overflow Vulnerability

CVE-2025-53818 – GitHub Kanban MCP Server Command Injection Vulnerability

CVE-2025-53260 – Redhawk Studio WordPress File Manager Unrestricted File Upload Vulnerability

Related Posts