CVE-2025-28951 – CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

July 4, 2025

CVE ID : CVE-2025-28951

Published : July 4, 2025, 9:15 a.m. | 1 hour, 14 minutes ago

Description : Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image allows Upload a Web Shell to a Web Server. This issue affects Bulk Featured Image: from n/a through 1.2.1.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-28957 – OwnerRez Cross-Site Scripting

Next Article CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-28951 – CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

CVE-2025-24748 – LambertGroup All In One Slider Responsive SQL Injection

CVE-2025-27358 – mndpsingh287 Frontend File Manager Basic XSS Vulnerability

Basic Networking Part 6 – What is OSI Model?

Integrate Amazon Bedrock Agents with Slack

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild

DDoS Attack Hits Adyen, Causing Transaction Failures in EU

Perform OS upgrades for Amazon RDS Custom for SQL Server CEV with Multi-AZ

SkyEmu is a Game Boy Advance, Game Boy, Game Boy Color, and DS emulator

Microsoft will add the Calendar Flyout Clock to Windows 11’s Notification Center

AIOps Corner podcast series engages in the art of the possible for your AIOps journey

CVE-2025-28951 – CreedAlly Bulk Featured Image Unrestricted File Upload Vulnerability

Related Posts