CVE-2025-1304 | NewsBlogger Theme up to 0.2.5.1 on WordPress newsblogger_install_and_activate_plugin unrestricted upload

April 30, 2025 Yanac

A vulnerability was found in NewsBlogger Theme up to 0.2.5.1 on WordPress. It has been declared as critical. Affected by this vulnerability is the function newsblogger_install_and_activate_plugin. The manipulation leads to unrestricted upload.

This vulnerability is known as CVE-2025-1304. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More