CVE-2025-47452

CWE-434 — Unrestricted File Upload3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 66.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rextheme WP VR

Timeline

PublishedJun 17

Description

Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR wpvr allows Upload a Web Shell to a Web Server.This issue affects WP VR: from n/a through <= 8.5.26.

Affected Packages1 packages

▶CVEListV5rextheme/wp_vr8.5.26

🔴Vulnerability Details

GHSA

GHSA-gq34-vr4x-cjqc: Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a Web Shell to a Web Server↗2025-06-17

▶

CVEList

WordPress WP VR plugin <= 8.5.26 - Arbitrary File Upload Vulnerability↗2025-06-17

▶