Arbitrary file deletion in PerfreeBlog 4.0.11 lets attackers remove files outside the intended theme directory by abusing the unInstallTheme theme-management function. Publicly available exploit code exists, though the flaw is not on CISA KEV and carries a low EPSS score (0.31%, 22nd percentile), indicating limited real-world exploitation to date. The CVSS 3.1 vector (PR:N/UI:R) implies an unauthenticated attacker who tricks an interacting user into triggering the deletion, consistent with a CSRF-style delivery against an administrator.
Cross-Site Request Forgery in WordPress IndieAuth plugin (all versions ≤4.5.4) enables unauthenticated attackers to force authenticated users to authorize malicious OAuth applications, leading to account takeover with full administrative privileges (create, update, delete scopes). Missing nonce validation on login_form_indieauth() and the /wp-login.php?action=indieauth authorization endpoint allows attackers to steal authorization codes and exchange them for access tokens. CVSS 8.8 (High) with network attack vector and low complexity. EPSS data not available; no confirmed active exploitation (CISA KEV) or public exploit code identified at time of analysis. Patch released in version 4.5.5.
Arbitrary file upload in PerfreeBlog 4.0.11 lets an authenticated user abuse the installPlugin function to upload malicious files, likely enabling web shell deployment and remote code execution on the blog server. A public technical write-up with proof-of-concept exists on GitHub, though the flaw is not listed in CISA KEV and carries a low EPSS score (0.28%, 20th percentile), indicating no confirmed widespread exploitation yet.
Arbitrary file upload in PerfreeBlog v4.0.11 lets an authenticated attacker abuse the installTheme function to upload malicious files (e.g. a web shell), typically resulting in server-side code execution and full compromise of the blog host. The flaw is a classic unrestricted-upload issue (CWE-434) reachable over the network by a low-privileged authenticated user; publicly available exploit code exists in the form of a GitHub write-up, though EPSS exploitation probability remains low (0.28%, 20th percentile) and it is not listed in CISA KEV.
Information disclosure in CBK Soft enVision before version 250566 allows remote unauthenticated attackers to perform account footprinting by observing response discrepancies, enabling enumeration of valid user accounts and exposure of private personal information. No public exploit identified at time of analysis, and EPSS scoring (0.04%, 14th percentile) indicates very low near-term exploitation probability despite the High CVSS rating of 7.5.
Arbitrary file upload in AIO Forms (WordPress plugin) through version 1.3.18 enables authenticated administrators to upload malicious files and execute arbitrary code on the server. The vulnerability stems from insufficient file type validation in the plugin's import functionality (CWE-434). While requiring administrator-level access (CVSS PR:H), this represents a privilege escalation risk in compromised or multi-admin environments and could enable persistent backdoor installation. No public exploit identified at time of analysis, and exploitation requires high-privilege credentials, limiting immediate mass-exploitation risk.