CVE-2025-24650

Unknown CVSS: -

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic allows Upload a Web Shell to a Web Server.This issue affects Tourfic: from n/a through <= 2.15.3.

Vendor

Themefic

Product

Tourfic

CWE

CWE-434

Yayın Tarihi

2025-01-24 18:15:39

Güncelleme

2026-04-01 17:17:59

Source Identifier

audit@patchstack.com

KEV Date Added

Kategoriler

CWE-434 Tourfic Themefic 2025

Referanslar

https://patchstack.com/database/Wordpress/Plugin/tourfic/vulnerability/wordpress-tourfic-plugin-2-15-3-arbitrary-file-upload-vulnerability?_s_id=cve

Benzer Kayıtlar

Medium

CVE-2025-6756

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's U…

High

CVE-2025-6212

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Database m…

High

CVE-2025-6220

The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to missing file typ…

High

CVE-2025-47549

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic BEAF beaf-before-and-after-gallery allows Uplo…

High

CVE-2025-47550

Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Instantio instantio allows Upload a Web Shell…