CVE-2025-12630 – Upload.am File Hosting VPN < 1.0.1 – Contributor+ Arbitrary Option Disclosure

CVE ID : CVE-2025-12630

Published : Dec. 2, 2025, 3:57 p.m. | 28 minutes ago

Description : The Upload.am WordPress plugin before 1.0.1 is vulnerable to arbitrary option disclosure due to a missing capability check on its AJAX request handler, allowing users such as contributor to view site options.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-13877 – nocobase JWT Service jwt-service.ts hard-coded key

CVE-2025-58113 – PDF-XChange Editor Out-of-Bounds Read Vulnerability

CVE-2025-59705 – Entrust nShield Connect XC, nShield 5c, and nShield HSMi Privilege Escalation Vulnerability

CVE-2025-59702 – Entrust nShield Connect XC, nShield 5c, and nShield HSMi Tamper Bypass Vulnerability