CVEs-PoC/2025/CVE-2025-8889.md at 4e4e30233e70832d643d5c6ab6fbfa6f130b4bb1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-29 20:39:28 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The Compress & Upload WordPress plugin before 1.0.5 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)

POC

Reference

https://wpscan.com/vulnerability/5d84a577-62aa-4aa2-ac39-b146eae65243/

Github

https://github.com/PuddinCat/GithubRepoSpider
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/siberkampus/CVE-2025-8889

935 B Raw Blame History

CVE-2025-8889

Description

POC

Reference

Github

935 B

Raw Blame History