Omgf Pro
Monthly
Arbitrary file upload in Daan.Dev's OMGF Pro WordPress plugin (versions through 5.2.6) lets remote attackers upload files of dangerous types, enabling webshell deployment and full site/server takeover. The CVSS 3.1 base score is 10.0 with a scope-changed vector, and the vector's PR:N indicates the flaw is reachable without authentication. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Arbitrary file upload in Daan.Dev's OMGF Pro WordPress plugin (versions through 5.2.6) lets remote attackers upload files of dangerous types, enabling webshell deployment and full site/server takeover. The CVSS 3.1 base score is 10.0 with a scope-changed vector, and the vector's PR:N indicates the flaw is reachable without authentication. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.