CVE-2025-27282

Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Using Malicious Files.This issue affects Theme File Duplicator: from n/a through <= 1.3.
Configurations

No configuration.

History

23 Apr 2026, 15:26

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.9

01 Apr 2026, 17:19

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.9
v2 : unknown
v3 : unknown
Summary
  • (es) Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en rockgod100 Theme File Duplicator permite el uso de archivos maliciosos. Este problema afecta al duplicador de archivos de temas desde la versión n/d hasta la 1.3.
Summary (en) Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator allows Using Malicious Files. This issue affects Theme File Duplicator: from n/a through 1.3. (en) Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator theme-file-duplicator allows Using Malicious Files.This issue affects Theme File Duplicator: from n/a through <= 1.3.
References
  • {'url': 'https://patchstack.com/database/wordpress/plugin/theme-file-duplicator/vulnerability/wordpress-theme-file-duplicator-plugin-1-3-arbitrary-file-upload-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/Wordpress/Plugin/theme-file-duplicator/vulnerability/wordpress-theme-file-duplicator-plugin-1-3-arbitrary-file-upload-vulnerability?_s_id=cve -

17 Apr 2025, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-17 16:15

Updated : 2026-06-17 09:03


NVD link : CVE-2025-27282

Mitre link : CVE-2025-27282

CVE.ORG link : CVE-2025-27282


JSON object : View

Products Affected

No product.

CWE
CWE-434

Unrestricted Upload of File with Dangerous Type