ZDNet

RCE is back: VMware details file upload vulnerability in vCenter Server

If you haven't patched vCenter in recent months, please do so at your earliest convenience. Following on from its remote code execution hole in vCentre in May, VMware has warned of a critical ...

Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...
Bleeping Computer

Latest File Upload news

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. A critical vulnerability ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Infosecurity-magazine.com

Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites

A new security vulnerability in the Chaty Pro plugin has been identified, potentially allowing attackers to take over WordPress sites by uploading malicious files. Chaty Pro is a popular WordPress ...
Searchenginejournal.com

Elementor WordPress Plugin Vulnerability

High severity vulnerability was discovered in the Elementor website builder plugin that could allow an attacker to upload files to the website server and execute them. The vulnerability is in the ...
Searchenginejournal.com

WordPress Vulnerability: ShortPixel Enable Media Replace Plugin

National Vulnerability Database published a vulnerability advisory about the ShortPixel Enable Media Replace WordPress plugin used by over 600,000 websites. A high severity vulnerability was ...