CyberRota
← Ana sayfaya dön

CVE-2025-15546

UNKNOWN · CVSS N/A EPSS %0.15

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-14T08:16:17.040 · Çekilme zamanı: 2026-06-30T18:21:09.268778+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2025-15546
Severity
UNKNOWN
CVSS
N/A
EPSS
%0.15
WordPress

Orijinal NVD Açıklaması

The Iptanus File Upload WordPress plugin before 5.1.7 does not implement proper file handling when the duplicatepolicy setting is configured to "maintain both." Due to a Time-of-Check to Time-of-Use (TOCTOU) race condition between the file existence check and the actual file write operation, an authenticated attacker can overwrite files uploaded by other users.