top of page
perceptive_background_267k.jpg

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WP…

Published:

26 May 2026 at 22:00:00

Alert date:

27 May 2026 at 12:04:12

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

Critical vulnerability in WPify Woo Czech WordPress plugin allows unrestricted file upload with dangerous file types. Attackers can exploit this flaw to upload web shells to web servers, enabling remote code execution. The vulnerability affects all versions of the plugin up to and including version 5.4.1. This represents a significant security risk for WordPress sites using the affected plugin as it can lead to complete server compromise.

Technical details

Mitigation steps:

Affected products:

WPify Woo Czech
wpify-woo

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-42748
https://patchstack.com/database/Wordpress/Plugin/wpify-woo/vulnerability/wordpress-wpify-woo-czech-plugin-5-4-1-arbitrary-file-upload-vulnerability?_s_id=cve

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page