What is the CVSS score of CVE-2026-28133?

CVE-2026-28133 has a CVSS 3.1 base score of 8.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Filr are affected by CVE-2026-28133?

The Filr WordPress plugin (versions ≤1.2.12) contains an arbitrary file upload vulnerability allowing authenticated users with low-level privileges to execute remote code on affected websites.

Filr CVE-2026-28133

Q: How to fix or mitigate CVE-2026-28133?

Within 24 hours: Identify all WordPress installations using Filr plugin ≤1.2.12 and document current users with upload permissions. Within 7 days: Either disable the Filr plugin entirely or restrict upload capabilities to administrator-only roles; review user access logs for suspicious file uploads. Within 30 days: Monitor Patchstack and WordPress plugin repository for vendor patch release; if patch becomes available, test and deploy immediately to all affected installations.

HIGH

Unrestricted Upload of File with Dangerous Type (CWE-434)

2026-03-05 audit@patchstack.com

File Upload

8.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Updated

Apr 28, 2026 - 13:29 vuln.today

v2 (cvss_changed)

CVSS changed

Apr 28, 2026 - 13:22 NVD

8.1 (HIGH) 8.5 (HIGH)

Re-analysis Queued

Apr 22, 2026 - 21:37 vuln.today

cvss_changed

Analysis Generated

Mar 12, 2026 - 22:06 vuln.today

CVE Published

Mar 05, 2026 - 06:16 nvd

HIGH 8.1

DescriptionNVD

Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through <= 1.2.12.

AnalysisAI

Arbitrary file upload in Filr WordPress plugin versions ≤1.2.12 allows authenticated attackers with low privileges to upload web shells, achieving remote code execution with changed scope (S:C). Despite high CVSS 8.5, exploitation requires authentication and moderately complex conditions (AC:H). …

RemediationAI

Within 24 hours: Identify all WordPress installations using Filr plugin ≤1.2.12 and document current users with upload permissions. Within 7 days: Either disable the Filr plugin entirely or restrict upload capabilities to administrator-only roles; review user access logs for suspicious file uploads. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-28133 vulnerability details – vuln.today

Back

Filr CVE-2026-28133

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code