CVE-2025-31048

Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4.
Configurations

No configuration.

History

28 Apr 2026, 19:30

Type Values Removed Values Added
Summary (en) Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through <= 1.1.4. (en) Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4.
References
  • {'url': 'https://patchstack.com/database/Wordpress/Theme/shopo/vulnerability/wordpress-shopo-1-1-4-arbitrary-file-upload-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/wordpress/theme/shopo/vulnerability/wordpress-shopo-1-1-4-arbitrary-file-upload-vulnerability?_s_id=cve -

23 Apr 2026, 15:27

Type Values Removed Values Added
References
  • {'url': 'https://patchstack.com/database/wordpress/theme/shopo/vulnerability/wordpress-shopo-1-1-4-arbitrary-file-upload-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/Wordpress/Theme/shopo/vulnerability/wordpress-shopo-1-1-4-arbitrary-file-upload-vulnerability?_s_id=cve -
Summary (en) Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through 1.1.4. (en) Unrestricted Upload of File with Dangerous Type vulnerability in Themify Shopo shopo allows Upload a Web Shell to a Web Server.This issue affects Shopo: from n/a through <= 1.1.4.

20 Jan 2026, 15:16

Type Values Removed Values Added
References
  • {'url': 'https://vdp.patchstack.com/database/wordpress/theme/shopo/vulnerability/wordpress-shopo-1-1-4-arbitrary-file-upload-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/wordpress/theme/shopo/vulnerability/wordpress-shopo-1-1-4-arbitrary-file-upload-vulnerability?_s_id=cve -

05 Jan 2026, 11:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-01-05 11:17

Updated : 2026-06-17 09:09


NVD link : CVE-2025-31048

Mitre link : CVE-2025-31048

CVE.ORG link : CVE-2025-31048


JSON object : View

Products Affected

No product.

CWE
CWE-434

Unrestricted Upload of File with Dangerous Type