{"id":64938,"date":"2025-06-11T22:32:45","date_gmt":"2025-06-11T19:02:45","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-6002-virtuemart-unrestricted-file-upload-vulnerability\/"},"modified":"2025-06-11T22:32:45","modified_gmt":"2025-06-11T19:02:45","slug":"cve-2025-6002-virtuemart-unrestricted-file-upload-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-6002-virtuemart-unrestricted-file-upload-vulnerability\/","title":{"rendered":"CVE-2025-6002 &#8211; VirtueMart Unrestricted File Upload Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-6002<br \/>\n<br \/>\n<strong>Published : <\/strong> June 11, 2025, 5:15 p.m. | 1\u00a0hour, 43\u00a0minutes ago<br \/>\n<br \/>\n<strong>Description : <\/strong>An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts depending on server configuration.<br \/>\n<br \/>\n<strong>Severity:<\/strong> 7.2 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-6002 Published : June 11, 2025, 5:15 p.m. | 1\u00a0hour, 43\u00a0minutes ago Description : An unrestricted file upload vulnerability exists in the Product Image section of the VirtueMart backend. Authenticated attackers can upload files with arbitrary extensions, including executable or malicious files, potentially leading to remote code execution or other security impacts &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-64938","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64938","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=64938"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/64938\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=64938"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=64938"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=64938"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}