Skip to main content

Omgf Pro

1 CVEs product

Monthly

CVE-2026-57700 CRITICAL Act Now

Arbitrary file upload in Daan.Dev's OMGF Pro WordPress plugin (versions through 5.2.6) lets remote attackers upload files of dangerous types, enabling webshell deployment and full site/server takeover. The CVSS 3.1 base score is 10.0 with a scope-changed vector, and the vector's PR:N indicates the flaw is reachable without authentication. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

File Upload Omgf Pro
NVD
CVSS 3.1
10.0
EPSS
0.4%
EPSS 0% CVSS 10.0
CRITICAL Act Now

Arbitrary file upload in Daan.Dev's OMGF Pro WordPress plugin (versions through 5.2.6) lets remote attackers upload files of dangerous types, enabling webshell deployment and full site/server takeover. The CVSS 3.1 base score is 10.0 with a scope-changed vector, and the vector's PR:N indicates the flaw is reachable without authentication. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

File Upload Omgf Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy