Axelkeller Gpx Viewer vulnerabilities
2 known vulnerabilities affecting axelkeller/gpx_viewer.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-10629P2HIGHCVSS 8.8≤ 2.2.92024-11-13
CVE-2024-10629 [HIGH] CWE-862 CVE-2024-10629: The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capabi
The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxv_file_upload() function in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files on the affected sit
nvd
CVE-2025-27274P4MEDIUMCVSS 4.9≤ 2.2.112025-03-03
CVE-2025-27274 [MEDIUM] CWE-35 CVE-2025-27274: Path Traversal: '.../...//' vulnerability in axelkeller GPX Viewer gpx-viewer allows Path Traversal.
Path Traversal: '.../...//' vulnerability in axelkeller GPX Viewer gpx-viewer allows Path Traversal.This issue affects GPX Viewer: from n/a through <= 2.2.11.
nvd