[CYBERDIGEST]
⊞ Dashboard ⚡ Intelligence 📝 Reports 📚 Global Threats 💻 Hack Lab 🗄️ Resources ⌬ 0xJerry's Lab
📡 RSS Feed
System Online

Tag

#Arbitrary File Upload

articleHIGH 8.8

Critical Vulnerability in Swiss Toolkit For WP Plugin: Arbitrary File Upload and Potential RCE

The Swiss Toolkit For WP plugin for WordPress, versions up to and including 1.4.6, is vulnerable to arbitrary file upload due to a flawed file type validation bypass. This allows authenticated attackers with Author-level access to upload arbitrary files, potentially leading to remote code execution if the 'Enhanced Multi-Format Image Support' feature is enabled. The vulnerability has a CVSS score of 8.8, indicating high severity. Immediate patching is recommended.

Jul 12, 20261 source
newsCRITICAL 9.8

CVE-2026-15158: Critical Arbitrary File Upload Vulnerability in Blocksy Companion Plugin

A critical vulnerability (CVE-2026-15158, CVSS 9.8) exists in the Blocksy Companion plugin for WordPress, allowing unauthenticated attackers to upload executable files, leading to remote code execution. This vulnerability affects the premium version of the plugin (blocksy-companion-pro) when used with specific extensions. Immediate action is required to mitigate this threat.

Jul 10, 20261 source